Although US military networks are attacked all the time, it took a successful thumb-drive assault on the Pentagon in 2008 to convince the US military to revise its cybersecurity strategy, according to a published report.
The attack, which planted malicious software within the Defense Department's Central Command, could deliver US military operational plans to foreign servers, according to an article in the Washington Post Wednesday. The story is based on an article scheduled to be published later today in Foreign Affairs journal.
The author of the Foreign Affairs article, Deputy Defense Secretary William J. Lynn III, says the incident led to the current Pentagon strategy of "active defence", which features enhanced ways to find network intruders.
In addition to the 2008 attack, Lynn says counterfeit networking gear capable of manipulating the network from outside had also been discovered, but he didn't supply details.
The 2008 infection came from a thumb drive inserted in a laptop in the Middle East that attached to a military network. Malware uploaded itself into the network and spread to Central Command and both classified and unclassified networks, the Post story says. Reports about the incident at the time had officials pinning blame on Russia, the story says.
The Post quotes a former intelligence official as saying that infecting command and control networks could result in changing orders. But he also says the military has recognised weaknesses and is working to correct them.
The story says that Lynn recommends that the Pentagon should support protecting critical industry networks, presumably those controlling power grids and fuel supplies.