http://www.wired.com/dangerroom/2011/10/virus-hits-drone-fleet/

A computer virus has infected the cockpits of America’s Predator and Reaper drones, logging pilots’ every keystroke as they remotely fly missions over Afghanistan and other warzones.

The virus, first detected nearly two weeks ago by the military’s Host-Based Security System, has not prevented pilots at Creech Air Force Base in Nevada from flying their missions overseas. Nor have there been any confirmed incidents of classified information being lost or sent to an outside source. But the virus has resisted multiple efforts to remove it from Creech’s computers, network security specialists say. And the infection underscores the ongoing security risks in what has become the U.S. military’s most important weapons system.

“We keep wiping it off, and it keeps coming back,” says a source familiar with the network infection, one of three that told Danger Room about the virus. “We think it’s benign. But we just don’t know.”

Military network security specialists aren’t sure whether the virus and its so-called “keylogger” payload were introduced intentionally or by accident; it may be a common piece of malware that just happened to make its way into these sensitive networks. The specialists don’t know exactly how far the virus has spread. But they’re sure that the infection has hit both classified and unclassified machines at Creech. That raises the possibility, at least, that secret data may have been captured by the keylogger, and then transmitted over the public internet to someone outside the military chain of command.


Drones have become America’s tool of choice in both its conventional and shadow wars, allowing U.S. forces to attack targets and spy on its foes without risking American lives. Since President Obama assumed office, a fleet of approximately 30 CIA-directed drones have hit targets in Pakistan more than 230 times; all told, these drones have killed more than 2,000 suspected militants and civilians, according to the Washington Post. More than 150 additional Predator and Reaper drones, under U.S. Air Force control, watch over the fighting in Afghanistan and Iraq. American military drones struck 92 times in Libya between mid-April and late August. And late last month, an American drone killed top terrorist Anwar al-Awlaki — part of an escalating unmanned air assault in the Horn of Africa and southern Arabian peninsula.

But despite their widespread use, the drone systems are known to have security flaws. Many Reapers and Predators don’t encrypt the video they transmit to American troops on the ground. In the summer of 2009, U.S. forces discovered “days and days and hours and hours” of the drone footage on the laptops of Iraqi insurgents. A $26 piece of software allowed the militants to capture the video.

The lion’s share of U.S. drone missions are flown by Air Force pilots stationed at Creech, a tiny outpost in the barren Nevada desert, 20 miles north of a state prison and adjacent to a one-story casino. In a nondescript building, down a largely unmarked hallway, is a series of rooms, each with a rack of servers and a “ground control station,” or GCS. There, a drone pilot and a sensor operator sit in their flight suits in front of a series of screens. In the pilot’s hand is the joystick, guiding the drone as it soars above Afghanistan, Iraq, or some other battlefield.

Some of the GCSs are classified secret, and used for conventional warzone surveillance duty. The GCSs handling more exotic operations are top secret. None of the remote cockpits are supposed to be connected to the public internet. Which means they are supposed to be largely immune to viruses and other network security threats.

But time and time again, the so-called “air gaps” between classified and public networks have been bridged, largely through the use of discs and removable drives. In late 2008, for example, the drives helped introduce the agent.btz worm to hundreds of thousands of Defense Department computers. The Pentagon is still disinfecting machines, three years later.

Use of the drives is now severely restricted throughout the military. But the base at Creech was one of the exceptions, until the virus hit. Predator and Reaper crews use removable hard drives to load map updates and transport mission videos from one computer to another. The virus is believed to have spread through these removable drives. Drone units at other Air Force bases worldwide have now been ordered to stop their use.

In the meantime, technicians at Creech are trying to get the virus off the GCS machines. It has not been easy. At first, they followed removal instructions posted on the website of the Kaspersky security firm. “But the virus kept coming back,” a source familiar with the infection says. Eventually, the technicians had to use a software tool called BCWipe to completely erase the GCS’ internal hard drives. “That meant rebuilding them from scratch” — a time-consuming effort.

The Air Force declined to comment directly on the virus. “We generally do not discuss specific vulnerabilities, threats, or responses to our computer networks, since that helps people looking to exploit or attack our systems to refine their approach,” says Lt. Col. Tadd Sholtis, a spokesman for Air Combat Command, which oversees the drones and all other Air Force tactical aircraft. “We invest a lot in protecting and monitoring our systems to counter threats and ensure security, which includes a comprehensive response to viruses, worms, and other malware we discover.”

However, insiders say that senior officers at Creech are being briefed daily on the virus.

“It’s getting a lot of attention,” the source says. “But no one’s panicking. Yet.”

If only the virus caused the entire fleet to crash into an uninhabited desert.

uhh... hopefully some foreign nation doesn't remotely take control of our drone fleet...that would be bad.

What was the old sales line they used to sell us on mechanized weaponry? Never gets sick, never loses its mind...

This made me think of how anonymous said they will shut down wall street on october 10th.

Shoulda bought a Mac...

I don't know about you all, but I feel safer already.

China, maybe??

China, maybe??

probably made with pre-installed chinese backdoor motherboards.

uhh... hopefully some foreign nation doesn't remotely take control of our drone fleet...that would be bad.

That depends.

this reminds me of skynet

seems to me, they just got plausible deniablity for any action that upsets people....

seems to me, they just got plausible deniablity for any action that upsets people....

as if that ever stopped them.

as if that ever stopped them.
just saying, its a nice trump card to hold

i'm baaaack!

sHaLl wE pLaY a GamE?

I seriously doubt these drones and their control stations run Windows and IE8 over the internet so the likelihood of it being a run-of-the-mill malware is about zero. Surely these things run on a proprietary OS so the virus would have to be made specifically for the drone platform and that requires access to both the hardware and the software, not to mention one hell of a programmer. Any components Chinese? We also have some pretty bright computer/hacker minds in our own military that may be voicing their displeasure at the drone program in this manner. Interesting story, thx for sharing.

I seriously doubt these drones and their control stations run Windows and IE8 over the internet so the likelihood of it being a run-of-the-mill malware is about zero. Surely these things run on a proprietary OS so the virus would have to be made specifically for the drone platform and that requires access to both the hardware and the software, not to mention one hell of a programmer. Any components Chinese? We also have some pretty bright computer/hacker minds in our own military that may be voicing their displeasure at the drone program in this manner. Interesting story, thx for sharing.

Agreed. Considering claims have been made that the U.S. planted viruses in Iranian nuclear power plant softare to sabotage their systems, it would not surprise me the same would happen to our drone software.

China, maybe??

It was either China or Israel, or a collaboration between the two.

Many people think Israel is our ally, but they're not. They sell our technology to the highest bidder, they spy on us, they've attacked us. Yet we stupidly send them billions a year and do their dirty work in the Middle East.

probably made with pre-installed chinese backdoor motherboards.

That's probably most likely.

uhh... hopefully some foreign nation doesn't remotely take control of our drone fleet...that would be bad.

Or a false flag.

"We SWEAR it was the group anonymous that did it."

this reminds me of skynet

you have no idea:

http://dronewarsuk.wordpress.com/2010/07/21/skynet-5-connecting-the-drones/


Whilst it is relatively easy to build, launch and fly a drone, controlling them over great distances and then launching missiles and bombs requires a key element that is available to relatively few forces – military satellites.

The UK has three military hardened Skynet 5 satellites in geostationary orbit 40,000km above the earth’s surface which relay communications between headquarters in the UK and British forces deployed on operations overseas. A fourth Skynet 5 satellite will be launched in 2013.

The satellites enable RAF pilots sitting in their base in the Nevada desert to fly Reaper drones and launch their missiles over Afghanistan. Via Skynet 5’s high-bandwidth connection, information and video from the Reapers over Afghanistan is beamed to Creech USAF base in Nevada and to the UK.

Skynet 5 however is not owned by the Ministry of Defence, but by a private company called Paradigm Secure Communication. In 2003 the Ministry of Defence signed a £3.6bn deal with Paradigm Secure Communication for provision of all worldwide satellite communications services to UK Armed Forces up to 2018 (later amended to 2020 and then this year extended to 2022). This Private Finance Initiative (PFI), one of the most expensive ever signed by the MoD, is paid for in part by selling spare bandwidth to other military forces.
1. Skynet 5 enables satellite communications for UK forces
2. The largely autonomous satellites talk to two UK ground stations
3. Skynet 5 supports high-bandwidth applications, such as UAV video
4. Antennas and terminals are being upgraded to make best use of Skynet
5. New battlefield networks, such as Cormorant, feed into the system
6. System gives commanders access to more information, faster



Paradigm Secure Communications is a wholly owned subsidiary of EADS (the European Aeronautic Defence and Space Company), one of the world largest military companies. Within the company structure, Paradigm is part of Astrium Services, which delivers space-based services to military and government users. Astrium Services owns 75% of Milsat Services which also provides military satellite communication services to both the German armed forces and the French Navy.

While British Reaper drones are flying over Afghanistan and controlled by pilots in the Nevada desert, the Skynet system is operated out of several locations in the UK. The system has two satellite ground stations, one in Hampshire (Oakhanger) and one in Wiltshire (Colerne). However Paradigm operates the Skynet 5 satellites from a dedicated centre in Hawthorn, Wiltshire, very close to the MoD’s Defence Communications and Services Agency (DCSA) Global Operations and Security Control Centre at Corsham.

Or a false flag.

"We SWEAR it was the group anonymous that did it."

I doubt the drones are connected to the internet,,, Though government stupidity never ceases to amaze me.

Very interesting....

You're welcome!


http://i931.photobucket.com/albums/ad153/peteinla1969/robot003.jpg

It's Julian Assange better use the asassination panel.

What was the old sales line they used to sell us on mechanized weaponry? Never gets sick, never loses its mind...

No shit.

Or a false flag.

"We SWEAR it was the group anonymous that did it."

Oh, fuck...that hadn't even crossed my mind until you said it.

I doubt the drones are connected to the internet,,, Though government stupidity never ceases to amaze me.

Didn't Iran have their nuclear reactor connected to the internet? Isn't that how they got infected by the Stuxnet worm?

Skynet became self-aware.....


http://youtu.be/4DQsG3TKQ0I

Didn't Iran have their nuclear reactor connected to the internet? Isn't that how they got infected by the Stuxnet worm?

Not sure, though I believe it was on a jump drive and deliberately infected.
Stuxnet worm was created by government hackers but reported by media as otherwise (initially) It was an act of deliberate Cyber Warfare.

So much for governmental infallibility.

It is very easy for ignorant people to think that success in war may be gained by the use of some wonderful invention rather than by hard fighting and superior leadership. - GEN Patton

It is very easy for ignorant people to think that success in war may be gained by the use of some wonderful invention rather than by hard fighting and superior leadership. - GEN Patton

perhaps the brass in the chair force need to be reminded of that quote.

(no offense to those working in the af... with the exception of 0-6s and higher)

perhaps the brass in the chair force need to be reminded of that quote.

(no offense to those working in the af... with the exception of 0-6s and higher)

Over reliance on technology makes you vulnerable to some other bright person with an even more remarkable technology that negates yours.

perhaps the brass in the chair force need to be reminded of that quote.

(no offense to those working in the af... with the exception of 0-6s and higher)

There's a whole lot of stupid in the Air Force. The brass make the calls, but the NCO's are the core... and often left to clean up the mess.

There's a whole lot of stupid in the Air Force. The brass make the calls, but the NCO's are the core... and often left to clean up the mess.

this may be a bit offensive, but it's funny as heck:

hxxp://uncyclopedia.wikia.com/wiki/Air_Force

CIA/DOD clowns surfing the net while OPS in limbo... then some knucklehead sees, "A nasty Virus has been detected on your computer... Click here to repair"

that, or...

.gov hit some nasty East Block or Russian porn sites... yah know government employees love surfing porn during their schedules.

in this photo a group of airmen are taught by a physical conditioning specialist (an "air conditioner") to take off by flapping their arms as fast as possible. Because the air force spent all its money on new uniform development and pt testing infrastructure, creditors were forced to repo its planes.

roflmao!

But wait, there's more! You may think that during this time of massive global war, funds might be a little tight. But you'd be wrong! There's always money for half-brained attempts at changing the uniform to give the General-du-jour another impressive bullet for his OPR. The newest design for the Air Force of the future would be the Service Dress Uniform. The Air Force became a bit tired of people comparing them to civilian pilots and bus drivers when dressed up showing off their Bronze Stars that every Airman gets straight out of Basic. They needed another new uniform. They needed something to be feared, something that demands respect, something that blatanty copies one of their sister services (see: Marines) and something that inspires awe, particularly from Nazis and Star Wars fans. Thank God this idea has been nixed.

Just remember everyone, the Army actually has more planes than the Air Force. And more boats than the Navy. And more idiots than the Marines.

See also [Air Training Corps (N00bs)]

"The U.S. Air Force... why not?" a commonly used ad seen in posters magazines and bagel bites boxes

:D

this may be a bit offensive, but it's funny as heck:

hxxp://uncyclopedia.wikia.com/wiki/Air_Force

LOL

http://images4.wikia.nocookie.net/__cb20110717210154/uncyclopedia/images/4/4a/Aafes.jpg

Wired magazine is 100% pro-war. Sad publication

would not surprise me .if this wasn't just away for the globalist to stage a stunt to take are 1st amendmit right on the net and give them a free pass to blow shit up and blame it on the hacker's divide and conquer false flag attacks

wellyour worse nightmare has happened a foreign government has taken over are republic and just so happens the dictator of these fashist pagan scum bags is the commander and cheif of those remotely controled depopulating industrial war machine. and just think next they will be taken you or your family out just like a terrorist ocourding to home land security white middle class flag flying ron paul supporters are now in 1st place oh yea we knocked the american veterans to 2nd place now on the most dangerous people in america go read the patriot act then get a map so you can find your way back from the fema camps tey built for us isnt that nice of them traiders cia mi6 have started all the wars over in the middle east and elsewhere we put the so called dictators in power years ago and now its time to divide and conqueur cause the crisis offer the solutions false flag attatch all bull shit my whole life has been 1 big lie schooling religion ect no wonder i got kicked out of government class for telling them they should teach government in usa history class because it no longer aplies wake up people turn off the poisionios tap water and grow your own food quietly ( sen bill 510) and through out your pulsating mind controlling plasm tv and make sure you go get your mercury shots they have them in many flvors lol

UPDATE:Fear not - it's just the malware we have all over our national defense computers!

http://news.yahoo.com/us-air-force-calls-drone-fleet-virus-nuisance-053626091.html

A computer virus that hit the US drone fleet last month created a "nuisance" but no serious threat to flight operations for the unmanned aircraft, the US Air Force said.

Confirming the virus for the first time days after it was first reported, Air Force Space Command said computers at a Nevada air base were infected with malware but played down the problem as a minor headache.

Malware on the computers at Creech Air Force base, where drone planes over Afghanistan and elsewhere are piloted remotely, was first spotted on September 15, Space Command said in a statement.

"The infected computers were part of the ground control system that supports RPA (remotely piloted aircraft) operations," it said.

"The ground system is separate from the flight control system Air Force pilots use to fly the aircraft remotely; the ability of the RPA pilots to safely fly these aircraft remained secure throughout the incident," it said.

The malware, of a type that is "found routinely on computer networks and is considered more of a nuisance than an operational threat," had been isolated, it said.

UPDATE:Fear not - it's just the malware we have all over our national defense computers!

http://news.yahoo.com/us-air-force-calls-drone-fleet-virus-nuisance-053626091.html

it gets better!!


Wired has more on how officials at Creech Air Force Base in Nevada kept the virus a secret for two weeks:

The network defenders at the 24th Air Force learned of the virus by reading about it in Danger Room.

The virus, which records the keystrokes of remote pilots as their drones fly over places like Afghanistan, is now receiving attention at the highest levels; the four-star general who oversees the Air Force’s networks was briefed on the infection this morning. But for weeks, it stayed (you will pardon the expression) below the radar: a local problem that local network administrators were determined to fix on their own.

“It was not highlighted to us,” says a source involved with Air Force network operations. “When your article came out, it was like, ‘What is this?’”

http://www.theblaze.com/stories/update-air-force-cybersecurity-found-out-about-drone-virus-by-reading-report-online/

My first question is why was a secure and dedicated network connected to the Internet in the first place?

Other logical questions would then follow. like,,, are the system administrators really dumber than script kiddies?

Or a false flag.

"We SWEAR it was the group anonymous that did it."


Oh, fuck...that hadn't even crossed my mind until you said it.

This forum's political IQ is above average. Anyhow, now if they start assassinating people on the MIAC "terrorist" list they can always say it was a computer glitch. And some folks will say "Don't assume evil when stupidity can explain it." That's why the government acts stupid.

My first question is why was a secure and dedicated network connected to the Internet in the first place?

Other logical questions would then follow. like,,, are the system administrators really dumber than script kiddies?

you read that AF uncyclopedia piece i posted in another thread. while humorous, amazingly, it is 90 to 95% accurate. :p

actually, i think there are some pretty good answers floating around about what is going on and why. but it takes some dot connecting. (not talking about false flag stuff, either)

bump

UAVs are likely running some kind of RTOS, that receives instructions from some other OS.
There's probably some sort of control interface that does run on windows, which got infected. "Drone Pilots" were probably downloading infected mp3's from lime wire, on the UAV console laptops. It must get boring - like staring out a window on a commercial airplane, but the window is a laptop monitor. An episode of smallville might help pass the time. Who cares about the pop-ups?

UAVs are likely running some kind of RTOS, that receives instructions from some other OS.
There's probably some sort of control interface that does run on windows, which got infected. "Drone Pilots" were probably downloading infected mp3's from lime wire, on the UAV console laptops. It must get boring - like staring out a window on a commercial airplane, but the window is a laptop monitor. An episode of smallville might help pass the time. Who cares about the pop-ups?

except there are no windows to stare out of.

i'm sure there are certain rules that apply to what a person can and cannot be doing whilst "operating" a drone. no music and the inability to pull up smallville episodes are perhaps part of the rules.

we'll likely never know the cause of it, because the AF will likely never find the cause.