Air Force Officials Share Details on Malware That Infected Drone Systems

Air Force officials revealed more details about a malware infection that impacted systems at the Creech Air Force Base in Nevada.

The malware attack received media attention last week when Wired.com reported malware had infected the cockpits of fighter drones used by the Air Force. Citing sources on the base, Wired reported that the malware was first discovered in September and had resisted attempts to clean computer systems.


According to the Air Force, the 24th Air Force (24th AF) first detected the malware – which they characterized as a “credential stealer” as opposed to a keylogger as originally reported – and notified Creech Air Force Base officials Sept. 15 that malware was found on portable hard drives approved for transferring information between systems.

The infected computers were part of the ground control system that supports remotely piloted aircraft (RPA) operations. According to the Air Force, the malware is not designed to transmit data or video or to corrupt any files, programs or data. The ground system is separate from the flight control system used by RPA pilots to fly the aircraft.


Military drones have played a significant role in the War on Terror and operations associated with the wars in Afghanistan and Iraq. Due to the classified nature of the drone program, military officials had been relatively tight-lipped about the incident during the past several days. However, Col. Kathleen Cook, spokesperson for Air Force Space Command, said it was important to “declassify portions of the information associated with this event to ensure the public understands that the detected and quarantined virus posed no threat to our operational mission and that control of our remotely piloted aircraft was never in question.”

In comments to the Associated Press, one defense official reportedly characterized the malware as the type used to steal log-in and password information for online games such as Mafia Wars.

“We continue to strengthen our cyber defenses, using the latest anti-virus software and other methods to protect Air Force resources and assure our ability to execute Air Force missions,” Cook said in a statement. “Continued education and training of all users will also help reduce the threat of malware to Department of Defense systems.”

