Computer Virus Hits U.S. Drone Fleet

[zorgon]

Computer Virus Hits U.S. Drone Fleet

A computer virus has infected the cockpits of America's Predator and Reaper drones, logging pilots' every keystroke as they remotely fly missions over Afghanistan and other warzones.

The virus, first detected nearly two weeks ago by the military's Host-Based Security System, has not prevented pilots at Creech Air Force Base in Nevada from flying their missions overseas. Nor have there been any confirmed incidents of classified information being lost or sent to an outside source. But the virus has resisted multiple efforts to remove it from Creech's computers, network security specialists say. And the infection underscores the ongoing security risks in what has become the U.S. military's most important weapons system.

"We keep wiping it off, and it keeps coming back," says a source familiar with the network infection, one of three that told Danger Room about the virus. "We think it's benign. But we just don't know."

http://www.wired.com/dangerroom/2011/10/virus-hits-drone-fleet/



So hackers are getting into Area 51's Swarm Control?

THIS is a scary statement..

"We keep wiping it off, and it keeps coming back," says a source familiar with the network infection, one of three that told Danger Room about the virus. "We think it's benign. But we just don't know."

[zorgon]

Now remember last year?

Communication With 50 Nuke Missiles Dropped in ICBM Snafu

The Air Force swears there was no panic. But for three-quarters of an hour Saturday morning, launch control officers at F.E. Warren Air Force Base in Wyoming couldn't reliably communicate or monitor the status of 50 Minuteman III nuclear missiles. Gulp.

Backup security and communications systems, located elsewhere on the base, allowed the intercontinental ballistic missiles to be continually monitored. But the outage is considered serious enough that the very highest rungs on the chain of command — including the President — are being briefed on the incident today.

A single hardware failure appears to have been the root cause of the disruption, which snarled communications on the network that links the five launch control centers and 50 silos of the 319th Missile Squadron. Multiple error codes were reported, including "launch facility down."

It was a "significant disruption of service," an Air Force official familiar with the incident tells Danger Room. But not unprecedented: "Something similar happened before at other missile fields."

A disruption of this magnitude, however, is considered an anomaly of anomalies.

"Over the course of 300 alerts — those are 24-hour shifts in the capsule — I saw this happen to three or four missiles, maybe," says John Noonan, a former U.S. Air Force missile launch officer who first tweeted word of the issue. "This is 50 ICBMs dropping off at once. I never heard of anything like it."

http://www.wired.com/dangerroom/2010/10/communications-dropped-to-50-nuke-missiles-in-icbm-snafu/

[zorgon]

The ICBM's on the same grid?

And NO ONE KNOWS what is going on?

[Ellirium113]

Insurgents have been hacking the video feeds of some of these drones using off the shelf software costing around $26/US. Check out SkyGrabber:

http://www.skygrabber.com/en/index.php

The potential drone vulnerability lies in an unencrypted downlink between the unmanned craft and ground control. The U.S. government has known about the flaw since the U.S. campaign in Bosnia in the 1990s, current and former officials said. But the Pentagon assumed local adversaries wouldn't know how to exploit it, the officials said.

It's only a 10+ year old flaw...it is of no concern. 

http://professional.wsj.com/article/SB126102247889095011.html?mg=reno-secaucus-wsj

[spacemaverick]

War drones keep flying despite computer virus

(Reuters) - The U.S. government's unmanned Predator and Reaper drones are continuing to fly remote missions overseas despite a computer virus that has infected the plane's U.S.-based cockpits, according to one source familiar with the infection.

Government officials are still investigating whether the virus is benign, and how it managed to infect the heavily protected computer systems at Creech Air Force Base in Nevada, where U.S. pilots remotely fly the planes on their missions over Iraq, Afghanistan and elsewhere.

"Something is going on, but it has not had any impact on the missions overseas," said the source, who was not authorized to speak publicly.

Armed tactical unmanned planes have become an increasingly valuable tool used by the U.S. government to track and attack individuals and small groups overseas, but the virus underscores the vulnerability of such systems to attacks on the computer networks used to fly them from great distances.

Wired magazine first reported the virus infection on its website on Friday and said it was logging pilots' every keystroke as they remotely flew missions over Afghanistan and elsewhere.

Wired said the problem was first detected nearly two weeks ago by the U.S. military's Host-Based Security System, but there were no confirmed incidents of classified information being lost or sent to an outside source.

The virus had resisted multiple efforts to remove it from Creech's computers, Wired said, quoting network security specialists.

The U.S. military and intelligence communities have used Predator and Reaper drones, built by privately held General Atomics in San Diego, to carry out increasingly precise attacks on top Al Qaeda officials and other U.S. targets in Pakistan, Afghanistan and Yemen.

Last week, U.S. officials confirmed that Anwar al-Awlaki, an American-born cleric linked to Al Qaeda, was killed in a CIA drone strike in Yemen.

In August, al Qaeda's second-in-command, Atiyah abd al-Rahman was killed in a drone strike in northwest Pakistan. [ID:nN1E77Q09T] Ilyas Kashmiri, an alleged leader of both al Qaeda and one of its Pakistan-based affiliates, was killed in a suspected U.S. drone strike in June.

The U.S. military has achieved its goal of flying 60 combat air patrols overseas with the unmanned planes, according to one U.S. defense official.

The CIA now operates Predator and Reaper unmanned aircraft over at least five countries including Yemen, Afghanistan and Libya.

Hey, we don't care, we'll just keep on flying them.

[zorgon]

So.... ummm...

How do we get control of a few of those?

I have a list of potential targets

[Ellirium113]

Well judging by how lapse the rest of the security is perhaps we could just walk in and grab one off the shelf. 

But the Pentagon assumed local adversaries wouldn't know how to exploit it, the officials said.

Is this how the military intelligence community assessed their enemies? LMAO

Maybe they think the enemy wouldn't be smart enough to do that either.   

Other people are resorting to building their own drones.

http://diydrones.com/

[spacemaverick]

U.S. drones that killed American Al Qaeda boss 'infected by virus' amid fears terrorists are logging their every movePredator and Reaper drones 'hit by mysterious keylogger virus'
Infection thought have spread via crews' removable hard drives
Fears tracking logs may be on public internet and available to terrorists
Drone use has been suspended while security specialists investigate

Experts at Nevada base believe virus is most likely accidental malware
Drones have killed more than 2,000 people since Obama was elected

By Daily Mail Reporter

Last updated at 10:14 PM on 7th October 2011


Read more: http://www.dailymail.co.uk/news/article-2046660/U-S-drones-killed-American-Al-Qaeda-boss-infected-virus-amid-fears-terrorists-logging-move.html#ixzz1aIzJwQom

This means that some of the data captured by the virus may have been transmitted to the internet and could be available to terrorists online.

See above link for more information.  It seems our systems are not as secure as people think.  This is a defense system and it has holes in it.

GAO: Federal network security breaches spike 650 percent
By Aliya Sternstein 10/03/2011

Reports of network security incidents at federal agencies have soared 650 percent during the past half-decade, jeopardizing the confidentiality and integrity of sensitive government information, federal auditors charged in a congressionally mandated report.

The most prevalent types of cyber events included infections from malicious code -- 30 percent of incidents; violations of acceptable use policies; and intrusions into networks, applications and other data resources, states a Government Accountability Office report released on Monday. GAO auditors are required by law to periodically update Congress on departments' compliance with a computer security measure called the 2002 Federal Information Security Act, or FISMA.

During the past five years, the number of reported events has grown from 5,503 in 2006 to 41,776 in 2010.

http://www.nextgov.com/nextgov/ng_20111003_6771.php?oref=mostread

See above link for more information.  Makes a person not have a warm fuzzy about our security systems doesn't it?  Really?

[spacemaverick]

Computer virus found at U.S. drone base a "nuisance," not "operational threat," U.S. Air Force says

An update

From The Envoy Newsblog

"The U.S. Air Force has acknowledged for the first time that a key computer system at a Nevada base that's devoted to flying Predator drones has suffered a computer-virus outbreak. The Creech airbase relies on computers to remotely pilot unmanned Predator drones from Afghanistan to Yemen succumbed to a virus last month, Air Force officials confirmed on Wednesday."

"However, Air Force personnel also insisted that the virus--which reportedly records the ground control room pilots' keystrokes--amounted only to a minor "nuisance." At no time did the virus interfere with pilots' ability to remotely fly the sophisticated unmanned aircraft, the Air Force Space Command said, according to a report by Agency France Presse."

For more see link.

http://news.yahoo.com/blogs/envoy/computer-virus-found-u-drone-nuisance-not-operational-165447882.html

Get Hacked, Don't Tell: Drone Base Didn't Report Virus
By Noah Shachtman 

http://www.wired.com/dangerroom/2011/10/drone-virus-kept-quiet/

I guess the base did not inform their cyber security specialists.  Gives one a lot of confidence in our defense huh?

[Ellirium113]

"The Drone thing is way overblown! At least this time.  This time it was a keylogger that could not send any data out that it captured!"

He went on to say how the highly publicized incidents where insurgents have intercepted drones' video feeds were much more harmful than this.

http://defensetech.org/2011/10/11/usaf-drone-control-virus-overblown/

Hmm they don't know what it is or how get rid of it and they think it is merely logging keystrokes on a secured network but that's ok why? 

If it was tied to some stuxnet type code it would pertinent to quarantine the system as fast as possible before it embeds itself ito every piece of firmware on the network or wherever it resides.

[Ellirium113]

LOL and Iran said to the U.S...."Please send us more of your lovely trinkets to play with!"   

I wonder if this was part of that same bunch of brilliant engineers that deemed the enemy as not being intelligent enough to exploit the security flaws.



Iran exhibits US drone undamaged. US and Israeli intelligence shocked

DEBKAfile Special Report December 8, 2011, 7:25 PM (GMT+02:00)

Tags:  US-Israel   Iran nuclear   drones   Intelligence   covertwar 


Iran displays captured US RQ-170 drone

Iran exhibited the top-secret US stealth drone RQ-170 Sentinel captured on Sunday, Dec. 4. Its almost perfect condition confirmed Tehran's claim that the UAV was downed by a cyber attack, meaning it was not shot down but brought in undamaged by an electronic warfare ambush.This is a major debacle for the stealth technology the US uses in its warplanes and the drone technology developed by the US and Israel.

The state of the lost UAV refutes the US military contention that the Sentinel's systems malfunctioned. If this had happened, it would have crashed and either been wrecked or damaged. The condition of the RQ-170 intact obliges the US and Israel to make major changes in plans for a potential strike against Iran's nuclear program.

http://www.debka.com/article/21550/

So what was that comment they made earlier about that keylogger not being a big deal? Someone has egg on their face.

[Pimander]

Russia has strong intelligence links with Iran.  Either they helped with this operation or they will learn from it and the drones are potentially useless against a "sophisticated" enemy.

Any remote controlled device is vulnerable to the simple method of mimicking the signals used to control it.  What surprises me is how strategists seem to be burying their head in the sand over this.

[Ellirium113]

I am not so sure now...they are saying "undamaged" but perhaps that has a different definition in Iran? 

The left wing looks like it is being held on by masking tape and a little scotch tape for reinforcement. Could be a well played hoax?

[Linda Brown]

It seems to me that there could be many layers of deception going on here. I am not sure that I would believe any of the stories put out.

The one that is probably the truest is the one which hasn't been mentioned. I submit that there is a possibility that the US allowed the drone to be " captured" electronically... If that little bit of bait was swallowed....the other side might just show more of its hand than it would have normally..... and how many " bugs" in its system might it have been carrying. It might look a bit like a CIA drone to some but it resembles a Trojan Horse to me.

If it was " captured" and landed without incident. Where is the " destruct on command" (which should never have been compromised... no matter what.) If someone allowed capture.... and it was not intentional... then they should be tried for treason. Somehow.... I don't believe that is what happened.

But thats just me. I have a suspicious nature when you only hear a couple of sides in a world of endless possibilities. Going to be fun to see what purposes this " capture" actually fills, won't it?   Linda Brown.

[Gigas]

I would guess these drones have no secure com control. Gary Mikinnon showed how secure the government was when he snooped.

Google this, AR drone tutorial #01.

See what they done with an ipad / iPhone app.

There's several speculations as to why Iran was allowed to grab a drone.

First, they sent a deadly viral agent to infect those who handle the drone.

Second, terrorist grab a drone, load a nuke, and send it back to the US for a little false flag shenanigans.

Whatever the plan, it was obviously easy..