eSecurity Planet takes a look at the breach, Lynn’s assessment of the threat, and what lessons the country — along with enterprises and other organizations that want to keep their data safe and secure — can learn from the incident.
In what one U.S. official termed the “most significant” breach of the country’s defense systems, a foreign agent in 2008 managed to infect military computers and swipe critical data on the wars in Iraq and Afghanistan.
Their tool of choice: An innocuous flash drive that spread malware through U.S. military computers.
As U.S. Deputy Secretary of Defense William Lynn III revealed in a column this week, the breach had the Defense Department scrambling, moving quickly to ban all flash and removable media from its computers to thwart future leaks. But securing the nation’s military infrastructure — a sprawling collection of networks that include more than 7 million computers and mobile devices — is no simple task, Lynn pointed out.
A foreign intelligence agent in 2008 managed to pull off the “most significant breach of U.S. military computers” in history by using a cigarette-lighter-sized portable flash drive to infect computers used by Central Command to oversee combat activities in Iraq and Afghanistan, according to a U.S. defense official.
“It was a network administrator’s worst fear: a rogue program operating silently, poised to deliver operational plans into the hands of an unknown adversary,” U.S. Deputy Secretary of Defense William Lynn III wrote this week in the September/October issue of the journal Foreign Affairs.