Amerikaanse drones besmet

Voor u gelezen:

De VS werkt al enig tijd met zogeheten drones: kleine vliegende robots die van grote afstand kunnen worden bestuurd. Vanuit de VS heeft Amerika via drones al een paar keer precisie-aanvallen uitgevoerd en zelfs heel gericht specifieke mensen in het Midden-Oosten geliquideerd. De Predator en Reaper drones blijken momenteel geïnfecnfecteerd te zijn met een virus. Voor zover valt na te gaan doen deze virussen niets anders dan keyloggen: ze leggen alle commando’s vast die de drones krijgen en sturen die naar elders door. Het is niet zeker of dat inderdaad het enige is dat het virus (of de virussen) doen. En vooral: hoe is de infectie tot stand gekomen? Betekent dat ook dat anderen de drones eventueel kunnen overnmen?

Wired heeft er een artikel over:


‘The virus, first detected nearly two weeks ago by the military’s Host-Based Security System, has not prevented pilots at Creech Air Force Base in Nevada from flying their missions overseas. Nor have there been any confirmed incidents of classified information being lost or sent to an outside source. But the virus has resisted multiple efforts to remove it from Creech’s computers, network security specialists say. And the infection underscores the ongoing security risks in what has become the U.S. military’s most important weapons system. [..]

Military network security specialists aren’t sure whether the virus and its so-called “keylogger” payload were introduced intentionally or by accident; it may be a common piece of malware that just happened to make its way into these sensitive networks. The specialists don’t know exactly how far the virus has spread. But they’re sure that the infection has hit both classified and unclassified machines at Creech. That raises the possibility, at least, that secret data may have been captured by the keylogger, and then transmitted over the public internet to someone outside the military chain of command. [..]

Some of the GCSs are classified secret, and used for conventional warzone surveillance duty. The GCSs handling more exotic operations are top secret. None of the remote cockpits are supposed to be connected to the public internet. Which means they are supposed to be largely immune to viruses and other network security threats. [..]

In the meantime, technicians at Creech are trying to get the virus off the GCS machines. It has not been easy. At first, they followed removal instructions posted on the website of the Kaspersky security firm. “But the virus kept coming back,” a source familiar with the infection says. Eventually, the technicians had to use a software tool called BCWipe to completely erase the GCS’ internal hard drives. “That meant rebuilding them from scratch” — a time-consuming effort.’


Aantal reacties: 90