Malware Targets U.S. Military Computers
- By Dan Campbell
- 12/02/2008
Pentagon officials acknowledged that the malware known as Agent.btz recently
affected some Defense Department systems. Although it has been in circulation
for several months, the malware had not yet been known to penetrate military
networks.
The incident has left DOD officials scrambling to clean infected systems, institute
new policy and security measures to thwart future incidents, and perform forensics
to discover the source of the attack.
The issue was serious enough to prompt Adm. Mike Mullen, chairman of the Joint
Chiefs of Staff, to brief President Bush and Defense Secretary Robert Gates
last week on the incident.
DOD has not provided many details on the extent of the incident or whether
the malware could have harmed systems that are critical to national security.
Reports have indicated that the malware infected Central Command computers used
by U.S. forces in Iraq and Afghanistan. According to one report, nearly three-quarters
of the computers at the largest U.S. military base in Afghanistan were affected.
Other computers and networks were apparently affected as well.
Pentagon officials responded by implementing a policy that prohibits the use
of most types of portable data-storage media on government computers, particularly
USB-based thumb or flash drives, memory sticks, and camera flash memory cards.
Malware, viruses and other attack software can propagate via the thumb drives
from one machine to another.
Although warranted, the policy creates a hardship for warfighters in the field,
who often carry critical data on flash drives in areas in which conditions do
not allow for reliable wireless computer communications. The new policy makes
it more difficult to share information within a war theater.
Implementing such a policy requires a combination of technical measures and
education. Whether state-sponsored or otherwise, hackers who use malware, viruses
and other methods to shut down computers, compromise data or steal information
frequently target military computers and networks.
The Agent.btz malware is a variation of a worm that surfaced in 2005, but the
latest iteration appears to have been designed specifically to target military
networks.