Officials at Creech Air Force Base in Nevada knew for two weeks about a virus infecting the drone “cockpits” there. But they kept the information about the infection to themselves — leaving the unit that’s supposed to serve as the Air Force’s cybersecurity specialists in the dark. The network defenders at the 24th Air Force learned of the virus by reading about it in Danger Room.
The virus, which records the keystrokes of remote pilots as their drones fly over places like Afghanistan, is now receiving attention at the highest levels; the four-star general who oversees the Air Force’s networks was briefed on the infection this morning. But for weeks, it stayed (you will pardon the expression) below the radar: a local problem that local network administrators were determined to fix on their own.
“It was not highlighted to us,” says a source involved with Air Force network operations. “When your article came out, it was like, ‘What is this?’”
The drones are still flying over warzones from Afghanistan to Pakistan to Yemen. There’s no sign, yet, that the virus either damaged any of the systems associated with the remotely piloted aircraft or transmitted sensitive information outside the military chain of command — although three military insiders caution that a full-blown, high-level investigation into the virus is only now getting underway.
Nevertheless, the virus has sparked a bit of a firestorm in military circles. Not only were officials in charge kept out of the loop about an infection in America’s weapon and surveillance system of choice, but the surprise surrounding that infection highlights a flaw in the way the U.S. military secures its information infrastructure: There’s no one in the Defense Department with his hand on the network switch. In fact, there is no one switch to speak of.