Malware attack leaves Pentagon scrambling for answers

Pentagon officials have acknowledged that the malware known as Agent.btz recently affected some Defense Department systems. Although it has been in circulation for several months, the malware was not yet known to have penetrated military networks.

The incident has left DOD officials scrambling to clean infected systems, institute new policy and security measures to thwart future incidents, and perform forensics to discover the source of the attack.

The issue was serious enough to prompt Adm. Mike Mullen, chairman of the Joint Chiefs of Staff, to brief President Bush and Defense Secretary Robert Gates last week on the incident.

DOD has not provided many details on the extent of the incident or whether the malware could have harmed systems that are critical to national security. Reports have indicated that the malware infected Central Command computers used by U.S. forces in Iraq and Afghanistan. According to one report, nearly three-quarters of the computers at the largest U.S. military base in Afghanistan were affected. Other computers and networks were apparently affected as well.

Pentagon officials responded by implementing a policy that prohibits the use of most types of portable data-storage media on government computers, particularly USB-based thumb or flash drives, memory sticks, and camera flash memory cards. Malware, viruses and other attack software can propagate via the thumb drives from one machine to another.

Although warranted, the policy creates a hardship for warfighters in the field, who often carry critical data on flash drives in areas in which conditions do not allow for reliable wireless computer communications. The new policy makes it more difficult to share information within a war theater.

Implementing such a policy requires a combination of technical measures and education.

Whether state-sponsored or otherwise, hackers who use malware, viruses and other methods to shut down computers, compromise data or steal information frequently target military computers and networks. The Agent.btz malware is a variation of a worm that surfaced in 2005, but the latest iteration appears to have been designed specifically to target military networks.

About the Author

Dan Campbell is a freelance writer with Defense Systems' sister publication, Government Computer News.

Reader Comments

Wed, Dec 24, 2008 Think OPSEC!

The adversary desires our sensitive but unclassified critical information. Providing details about just how effective or non-effective this malware is/was on DOD systems must NOT be shared within the blogosphere. Think OPSEC! Do you really need to vent to the enemy?

Thu, Dec 4, 2008 Eddie

We've not had the capability to use flash media in our office for quite some time. We've been using DVDRW and CDRW discs to move information. It's a bit slower, but we've found the incidence of data spills across networks has significantly decreased. I'm thinking it's because with the slower drives people have more time to think about what they're doing, versus just dumping files quickly and recklessly to a flash drive.

Wed, Dec 3, 2008 RSB Fort Huachuca, Arizona

On my desk there is Windows XP and RHEL 5.2. The Security Enhanced Linux does not seem to be vulnerable to this exploit. Yet the Army in the fullness of their wisdom is spending millions in a quest to make their world safe for Windows.

Wed, Dec 3, 2008 Samuel H. Cohen DCMA NY, Staten Island, NY

I have informed the DCMA Helpdesk of repeated interruptions while doing telework on my home computer. I had to repeat a 1.5 hour report 6 times before completion. This problem has been ongoing for several months.

Wed, Dec 3, 2008 peeved

With all the information technology afforded to DOD you would have thought this could have been avoided. I've got no way to now keep records on our contractor! Everything that was in the thumbdrive they took was in the notebook PC I had till yesterday. It is taking me longer to transpose notes to the PC on my desk than it does to actually drive to the contractor worksite and inspect them. For every hour of inspection it takes 2 to document. Then I've got no room for all the paper documents I used to scan and file on the computer! Nice! I agree with Attila T Hun - this was predictable and we have not learned anything in 20+ years!
