Slashdot Mirror
US Drone Fleet Hit By Computer Virus
New submitter Golgafrinchan passes along this quote from an article at Wired:
"A computer virus has infected the cockpits of America's Predator and Reaper drones, logging pilots' every keystroke as they remotely fly missions over Afghanistan and other warzones. The virus, first detected nearly two weeks ago by the military's Host-Based Security System, has not prevented pilots at Creech Air Force Base in Nevada from flying their missions overseas. Nor have there been any confirmed incidents of classified information being lost or sent to an outside source. But the virus has resisted multiple efforts to remove it from Creech's computers, network security specialists say. And the infection underscores the ongoing security risks in what has become the U.S. military's most important weapons system.'"
Don't run windoze on bombs!
Or aircraft carriers!
Will we never learn??
Ok, so I understand that these computers are to never be connected to the internet, but why does that mean that they don't put security software on them?
Yes, they would have to do updates manually, and it's a low risk situation, but it is a prime target for foreign adversaries and allies alike.
Don't know something? Look it up. Still don't know? Then ask.
The operating system should be embedded on a read only chip in these things. It's ridiculous to leave something like this vulnerable to a virus. It's aggravating to have to change the chip every time you want to upgrade but it's the best way of being sure it's secure. The system should be read only.
“We keep wiping it off, and it keeps coming back,” says a source familiar with the network infection, one of three that told Danger Room about the virus. “We think it’s benign. But we just don’t know.”
If someone this incompetent was running a corporate network they'd have their ass on the street faster than they could say "network traffic analysis."
When they say the drones were infected, what they mean is that the computers controlling the drones (located in the US and which are, apparently, running Windows...) were infected with a keylogger, probably spread through flash drives. Whether this actually compromises security at all is unknown (keyloggers generally assume you are connected to the Internet, which these computers aren't.) They don't have much security on the drone computers because they aren't hooked up to the Internet, and they would (apparently) rather educate their users than bother with antivirus, for whatever reason (although they do have a security system on the network which detected the virus. I would imagine it also should have stopped the virus).
"None can love freedom heartily, but good men; the rest love not freedom, but license." --John Milton
Ok, so you get some interns in a room and ask them to draw on the whiteboard the things to consider when designing a remote controlled killer robot.
What do you suppose the FIRST thing any intern is going to write up there in terms of things you need to worry about?
Make SURE the enemy can't hack your robots and turn them against you!
Well, when you start writing up how to accomplish that, you would want
1. A completely secure system for authenticating commands sent from the control system. The only form of encryption that is completely secure is one time pad.
2. NO POSSIBLE WAY for someone to load viruses or gain access to the control system!!! That means NO network access to anything but the systems that send and receive signals from the drone! And one heck of a hardware filter on those information packets!
The big problem is that the drones keep ordering refueling boom enlargement kits, and four of them tried to fly to Nigeria to collect on a half-million gallons of jet fuel that was left there by a former Minister of Aviation.
This post contains no rudeness or derision of any kind. All arguments are friendly. Terms and exclusions may apply.
These drones are so vulnerable, their use in combat is totally laughable. Iraqi insurgents could intercept their communications with $26 software! Two years ago! Their shit is apparently totally unencrypted, and as such, has now been exploited to the point where they are now able to infiltrate the control software.
http://online.wsj.com/article/SB126102247889095011.html?mod=WSJ_hp_us_mostpop_read
Next thing you know, these guys will turn the whole damn fleet of drones against us. Just what I wanted my tax dollars going toward, free fucking aerial suicide bombers for al Qaeda, drug cartels, and script kiddies.
...of military security holes'n'breaches.
It definetly deserves a read, or at least a glimpse. It's not just stuxnet and finely crafted computer warfare, it may be plain old viruses and tojans we deal with every day.
No, I sincerely doubt this is some mysterious computer intelligence taking over our military.
BUT... this is clearly the path to skynet. What we are seeing is what pretty much all of us already understood: when you have increasingly autonomous killbots, disaster becomes a question of "when" not "if."
This isn't exactly a new attack vector. Banks don't let people plug removable drives into sensitive systems - why does the US government?
You know what happened - either Joe private plugged his private pr0n collection into a classified computer, or else he took a classified drive home to use privately. Either was, really bad news.
If you've just got to have removable storage, then you pay for special connectors, so they are incompatible with anything else. Then you cast the guts in epoxy, so no solder jockey can change out the connector. This is not rocket science.
Enjoy life! This is not a dress rehearsal.
At least, that's the word on the street.
Please do not read this sig. Thank you.
Soon our enemies will fear sleek white plastic with rounded corners falling from the sky.
box of Kleenex $4
USB key $5
Satellite military uplink $150/hr
Hellfire missile $68,000
Predator MQ-1 Drone, $40 million
Being able to rain firey death from 10,000km away onto unsuspecting Afghan targets while a the same time masturbating on the internet: priceless
Seven puppies were harmed during the making of this post.
“We keep wiping it off, and it keeps coming back,” says a source familiar with the network infection
Unintentional pun . . . ? I think not!
Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
"Infected via flash drives." "Educate the user."
Oh bullshit! Never, _ever_ trust a user.
Seriously, I worked IT at a call center. The first thing you did with the machines when they came in was log in to the BIOS, disable ports like COM & USB, and set a BIOS password. If the thing was shipped to us with a floppy or cd/dvd drive (they were ordered bare but sometimes Gateway f-d up), we would remove the hardware before putting them in service. They were also imaged for whatever floor they were scheduled to be on (outsourced call center - Comcast, ATT&T, Sprint, Hughes Sat.) and out they went.
Once, a Bell South supervisor memo'd and called upper management and said he had to have USB to save and transfer reports, etc. And BOOM, a virus went through the Bell South floor like shit through a goose. That was the end of "educating the user."
Never, ever trust a luser.
I'm not really a web designer, I just play one on the Internet.
No, you're not a troll. You're on point.
I love Linux, I hate Windows.
But it is not my religion.
Bottom line when it is this important you develop a specifically created OS. Like you said you create it, you control its use. Nobody else can!
Remember the days when the boys at Bell labs did stuff like that? What about the kids at Berkley?
Make your own OS!!
Now get off my lawn!
you write your own OS for military hardware.
The Kruger Dunning explains most post on
People may want to get into the habit of booting from a 'rescue CD' with a known-clean kernel, boot system and system binaries. Then using the 'rescue CD' to scan the computer's hard drive copies of system and boot files.
It might also be a good idea to keep the listing of critical filenames and their checksums on remote media, too.
Uh, Linux geek since 1999.
I'm not sure it matters who it is. What matters is that if you can intercept a keystroke, you can inject one, and that if you log sequences you know command sequences. That knowledge never needs to go anywhere outside the virus - if the virus catalogs how to do X, Y and Z then an unauthorized user merely needs to tell the virus that it is to replay the sequence to do X, Y or Z. The user doesn't need to know anything other than what macro does what.
For most nations, it just doesn't make sense to do this with any current mission - that we know of, at least. Scripting a drone attack only makes sense if the drone has attacked a point that the person who wrote the virus will want to attack in the future. This is great if you're a nation defending against an attacker overrunning your positions, since you can get the attacker's weapons to attack the attacker. But no current target nation has the capacity for such a strategy and even if they did it would be pointless. It wouldn't be useful at all in Libya, for example, and the draw-down in Afghanistan means the probability of there ever being a meaningful target is next to zero.
Israel is a remote possibility - they've the knowledge - and there are doubtless drone surveillance missions that the Israelies could turn into attacks and keep plausible denial. However, it's exceedingly remote. Most of their threats don't distinguish between the US and Israel, so plausible denial is pointless, and they've enough support to be able to obtain all the US-made drones they want. There's no obvious added value.
The Mexican drug cartels are hampered by drones, but not usually by the high-end military ones, and being able to launch a replay would be absolutely pointless. If they were to have the kind of savvy needed, it would more likely go into a logic bomb that would cripple the drone. It's just possible they'd want to divert a drone to some site of theirs so that they could use it for their own purposes, but you'd not want a logger for that. Makes no sense. Besides which, if they had that kind of skill, they wouldn't need cheap cop drones.
China? Maybe, but again if they wanted a Predator they'd be better off with a logic bomb that disabled the radios and landed the UAV somewhere they could pick it up from. They wouldn't use loggers because there'd be nothing worth logging.
This isn't making sense. The story so far is too illogical. Those with the skills would be doing something different, those who want to do what is claimed don't have the skills.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
Military drones would presumably use something like Windows CE. (Non-classified drones do, from what little experience I have in the field.) Which, to be fair, would likely run a reasonable range of Windows programs. However, it's not fully compatible and cross-compilers are something of a necessity. It's possible it could be a generic binary but I'm going to guess that a custom build is the more likely.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)