Old 10-12-2011, 06:31   #1
Richard
Quiet Professional
 
Join Date: Aug 2004
Location: NorCal
Posts: 15,370
Get Hacked, Don’t Tell: Drone Base Didn’t Report Virus

This is the kind of thing that makes me go, "W...T...F!!???!!"

Reminds me of this old poster.

And so it goes...

Richard


Get Hacked, Don’t Tell: Drone Base Didn’t Report Virus
Wired, 11 Oct 2011

Officials at Creech Air Force Base in Nevada knew for two weeks about a virus infecting the drone “cockpits” there. But they kept the information about the infection to themselves — leaving the unit that’s supposed to serve as the Air Force’s cybersecurity specialists in the dark. The network defenders at the 24th Air Force learned of the virus by reading about it in Danger Room.

The virus, which records the keystrokes of remote pilots as their drones fly over places like Afghanistan, is now receiving attention at the highest levels; the four-star general who oversees the Air Force’s networks was briefed on the infection this morning. But for weeks, it stayed (you will pardon the expression) below the radar: a local problem that local network administrators were determined to fix on their own.

“It was not highlighted to us,” says a source involved with Air Force network operations. “When your article came out, it was like, ‘What is this?’”


The drones are still flying over warzones from Afghanistan to Pakistan to Yemen. There’s no sign, yet, that the virus either damaged any of the systems associated with the remotely piloted aircraft or transmitted sensitive information outside the military chain of command — although three military insiders caution that a full-blown, high-level investigation into the virus is only now getting underway.

Nevertheless, the virus has sparked a bit of a firestorm in military circles. Not only were officials in charge kept out of the loop about an infection in America’s weapon and surveillance system of choice, but the surprise surrounding that infection highlights a flaw in the way the U.S. military secures its information infrastructure: There’s no one in the Defense Department with his hand on the network switch. In fact, there is no one switch to speak of.


The four branches of the U.S. armed forces each has a dedicated unit that, in theory, is supposed to handle cyber defense for the entire service. The 24th Air Force, for example, “is the operational warfighting organization that establishes, operates, maintains and defends Air Force networks,” according to a military fact sheet. These units are then supposed to provide personnel and information to U.S. Cyber Command, which is supposed to oversee the military’s overall network defense.

In practice, it’s not that simple. Unlike most big private enterprises, the 24th doesn’t have a centralized system for managing and monitoring its networks. There’s no place at the 24th’s San Antonio headquarters where someone could see all the digital traffic hurtling through the service’s pipes. In fact, most of the major commands within the Air Force don’t have formal agreements to carry the other’s network traffic. (The 24th Air Force did not immediately respond to requests to comment for this article.)

“We’d never managed the entire Air Force network as a single enterprise,” Vince Ross, the program manager of the Air Force Electronic Systems Center’s Cyber Integration Division, said in March. “That meant there was no centralized management of the network, that systems and hardware weren’t standardized, and that top-level commanders didn’t have complete situational awareness.”

The plan is to one day integrate all that infrastructure into a single Air Force network. But for now, it’s largely cybersecurity by the honor system. Each base and each unit in the Air Force has its own geek squad. They only call for help if there’s a broader network problem, or if they’re truly stumped.

That didn’t happen when a so-called “keylogger” virus hit Creech more than two weeks ago.

“Nothing was ever reported anywhere. They just didn’t think it was important enough,” says a second source involved with operating the Air Force’s networks. “The incentive to share weaknesses is just not there.”

Not even when that weakness hits the robotic weapons that have become the lynchpin for American military operations around the planet.


http://www.wired.com/dangerroom/2011...tories+2%29%29
Attached Images
File Type: jpg USAF On Alert.jpg (67.4 KB, 61 views)
__________________
“Sometimes the Bible in the hand of one man is worse than a whisky bottle in the hand of (another)… There are just some kind of men who – who’re so busy worrying about the next world they’ve never learned to live in this one, and you can look down the street and see the results.” - To Kill A Mockingbird (Atticus Finch)

“Almost any sect, cult, or religion will legislate its creed into law if it acquires the political power to do so.” - Robert Heinlein
Old 10-12-2011, 06:38   #2
albeham
Quiet Professional
 
Join Date: Oct 2006
Location: MD
Posts: 448
I bet they will now get a medal for it...some AF stress thingy.
__________________
RF is the Black Magic of today
Old 10-12-2011, 06:54   #3
JJ_BPK
Quiet Professional
 
Join Date: Apr 2008
Location: 18 yrs upstate NY, 30 yrs South Florida, 20 yrs Conch Republic, now chasing G-Kids in NOVA & UK
Posts: 11,901
This needs an in-depth classified AAR, with details..

Without knowing what the virus was and its intent, WIRED.com and all others are just guessing.

If their security plan that rates active threats was:

not executed
not timely
not vertical in notification

Someone will be spanked..

BUT,, If their transmit/receive technology is of a robust nature,, recording the transmission is of little concern. Properly encoded streaming binary is not going to compromise anything.

and WIRED.com,, in their very left leaning way, is blowing smoke up someone's patootie.....

It is not unlike the Enigma machine of WW II. If we didn't capture one, we may have never known how to use it..

Unless I guess wrong, the message should have had an encoding scheme exactly like other NSA devices..


In any case,, I think it's too early to judge...

My $00.0002
__________________
Go raibh tú leathuair ar Neamh sula mbeadh a fhios ag an diabhal go bhfuil tú marbh

"May you be a half hour in heaven before the devil knows you’re dead"
Old 10-12-2011, 07:48   #4
BOfH
Guerrilla Chief
 
Join Date: Jun 2011
Location: NYC Area
Posts: 828
The attitude of "why do I need to bring in someone smarter than I am if I *think* I know enough to deal with it myself", essentially the system/network administrators (if you can even call them that) over there felt there was no need to call in the experts, declared the virus harmless even though they had no idea what it was capable of and why it was there. This attitude is alive and well in the corporate world as well, except that we (most of the time) have more visibility into the network and less politics, allowing us to keep the "I *think* I know more than you" WoW gamer in HR in check.

My devalued .0002...
__________________
"Crime is an extension of business through illegal means, politics is an extension of crime through *legal* means."
Old 10-12-2011, 07:50   #5
JimP
Quiet Professional
 
Join Date: Feb 2008
Location: State of confusion
Posts: 1,557
Some pretty callous attitudes towards our air force brethren here. I mean...come on!!! They would have had to write a report, ensure it got to the right people, make sure the damage was undone, make sure the effort at supporting the troops wasn't compromised, etc. Doing all of that may have made them late for their kids' soccer game or - heaven forbid - late for happy hour at the club. Jeesh guys, ain't like they are downrange and can just go off station when the sun comes up.
Old 10-12-2011, 10:31   #6
mugwump
Area Commander
 
Join Date: Nov 2005
Posts: 1,403
Quote:
Originally Posted by JJ_BPK View Post
BUT,, If their transmit/receive technology is of a robust nature,, recording the transmission is of little concern. Properly encoded streaming binary is not going to compromise anything.
The video streams used to be unencoded; hopefully that's changed and the command stream is encoded. But even if it is, I guess it depends on where we bought the chips used in the hardware encoding.
__________________
mugwump

“Klaatu barada nikto”
Old 10-12-2011, 10:40   #7
Ret10Echo
Quiet Professional
 
Join Date: Feb 2007
Location: Occupied America....
Posts: 4,740
Final determinations aside...several potential issues.

1. Supply chain security... (What's in the soup...?)

2. Application of new technologies as "plug-ins" to native networks.

3. Rapid advancement and slow/non-existent certification requirements


Conflict of IA trying to lock-down networks poised against technologies and users who want free access to everything. If nobody notices, nobody mentions it...until there is an issue.

As pointed out in the article, the paradigm has been siloed capabilities...which were more secure based upon architecture. The "cloud" or National/Global WAN architecture poses multiple layers of issues and you end up "flying blind" (pun intended) trying to figure out the issue.
__________________
"There are more instances of the abridgment of freedom of the people by gradual and silent encroachments of those in power than by violent and sudden usurpations"

James Madison
Old 10-16-2011, 16:04   #8
greenberetTFS
Quiet Professional (RIP)
 
greenberetTFS's Avatar
 
Join Date: May 2007
Location: Carriere,Ms.
Posts: 6,922
Quote:
Originally Posted by Richard View Post
This is the kind of thing that makes me go, "W...T...F!!???!!"

Stupid is as stupid does!.......

Big Teddy
__________________
I believe that SF is a 'calling' - not too different from the calling missionaries I know received. I knew instantly that it was for me, and that I would do all I could to achieve it. Most others I know in SF experienced something similar. If, as you say, you HAVE searched and read, and you do not KNOW if this is the path for you --- it is not....
Zonie Diver

SF is a calling and it requires commitment and dedication that the uninitiated will never understand......
Jack Moroney

SFA M-2527, Chapter XXXVII
Copyright 2004-2022 by Professional Soldiers ®