U.S. Deputy Secretary of Defense William S. Lynn III has finally, after two years, confirmed that the Pentagon suffered a major cyber-security attack in 2008, calling the incident “the most significant breach of U.S. military computers ever.” According to Lynn, classified military computers were attacked, and it took the military over 14 months to clean up after the incident, leaving many cyber-security experts concerned about the military's response to cyber-security attacks.
Lynn says that the attack began when a USB drive was inserted into a military computer in the Middle East. “The flash drive’s malicious computer code, placed there by a foreign intelligence agency, uploaded itself onto a network run by the U.S. Central Command.” The code then spread across both classified and unclassified systems, “establishing what amounted to a digital beachhead, from which data could be transferred to servers under foreign control.”
Wired magazine cited an anonymous source saying that it wasn’t sure who was actually responsible for the breach.
In a twist, the malware, named “Agent.btz”, was of very limited effectiveness because it required access to the public Internet to function. Had it not been for that requirement, the damage would have been a lot worse.
Still, the scary part for many cyber-security observers is that it took the government 14 months to clean up the mess.