US Deputy Secretary of Defense confirms virus attack

William Lynn
Source: defense.gov In an article published by the Council on Foreign Relations, the United States Deputy Secretary of Defense, William J. Lynn, has confirmed that in 2008 the US army was the target of a serious security breach. Because of this attack, from November 2008 onward, military staff were no longer allowed to use USB Flash drives. While the background of this directive was previously only reported by Wired magazine and by the Los Angeles Times, it has now been confirmed by the US Department of Defense's second in command.

In the specialist Foreign Affairs magazine, Lynn writes that in 2008 an infected USB Flash drive was connected to a laptop at a US military base in the Middle East. According to Lynn, the malicious code, which apparently originated from a foreign intelligence service, uploaded itself to a network run by the Central Command, the US regional command for the Middle East, forming a "digital beachhead". Data was then transferred from that entry point to a server under foreign control. "It was a network administrator's worst fear", said Lynn.

In 2008, Russia was suspected of having injected the virus into the US military network, although Lynn didn't confirm this suspicion. However, he did say that the incident wasn't the only successful attack on US military networks. Reportedly attackers managed to acquire important documents including weapons blueprints, operational plans, and surveillance data.

The Deputy Secretary of Defense described the incident as the most significant breach of US military computers ever. George W. Bush, who was the US President at the time, was given specific details about this incident. Lynn said the Pentagon's operation to counter the attack, known as Operation Buckshot Yankee, marked a turning point in US cyber defence strategy. In the past few months, the US government is said to have taken various steps to improve the protection of the US infrastructure.

(crve)