The commentariate were right, all hail the mob
More information has come out in the public sphere about the virus infection plaguing the Air Force’s drone control hub at Creech Air Force Base. Turns out the virus was simple malware introduced into the system when a person connected a removable media storage device into the system, which is an unauthorized action under current policy. The military rumor mill has the idiot’s excuse something like, “I was just recharging my Ipad.”
Creech personnel further exacerbated the situation by failing to inform Air Force cyber-security specialists in a timely manner, allowing the virus to spread uncontrolled for over two weeks. The Air Force has announced that its practice of allowing removable media to facilitate the transfer of flight data is under review. The base was one of only a handful of facilities that allowed the necessary drivers for data transmission through USB, most other facilities uninstalled those drivers after a virus was released via USB inside the Pentagon in early 2003(ish).
In addition, a memo has begun to circulate around the military stating the legal consequences of attaching unauthorized data transfer devices to military systems and the negative security effects of doing so.
So no foreign intelligence high fives occurred (thank the space teacup), now it’s just another case of Johnny American giving himself a good slap to his own forehead, The Stupid, it burns.
(Source: The Envoy)
7 comments
Skip to comment form ↓
geocatherder
October 14, 2011 at 07:45 (UTC -4) Link to this comment
AAAAGGGGHHHH!!!!
michael
October 14, 2011 at 10:35 (UTC -4) Link to this comment
That’s the cover story – I wonder what really happened.
rpsms
October 14, 2011 at 13:46 (UTC -4) Link to this comment
The real story? Porn.
Glodson
October 14, 2011 at 16:42 (UTC -4) Link to this comment
I was thinking the same thing.
Marcus Ranum
October 16, 2011 at 16:36 (UTC -4) Link to this comment
I’m not aware of any “ordinary” malware that will infect a Windows system via an iPad’s USB. FWIW.
If the system is configured so that it’s even possible to run a browser on it, that would be an absolutely horrible oversight. FFS, set up an unsecure wireless with internet access and let the airmen bring in their own iPads and surf porn with them, but take a big old tube of epoxy and a couple of cut cable-ends and epoxy them into the external USB ports of the system. Or use something like utimaco that allows you to administrator-lock USB ports. This is just basic stuff. Whoever set that system up, knowing it was going to have airmen using it, screwed the pooch bigtime.
Assassin Actual
October 18, 2011 at 04:16 (UTC -4) Link to this comment
I have no idea if it was an Ipad, my only link to what goes on in this situation is a Red Net wiki, though the debate going on over at that page has been intresting.
passerby
October 17, 2011 at 09:14 (UTC -4) Link to this comment
It’s sometimes painful to explain to the ‘non-computer’ people in a section why you can’t hook up USB drives.
“But I didn’t get a virus.”
“But I wasn’t looking at porn.”
“But it was only in for a few seconds.”
“You can’t get a virus from a USB, viruses are on the internet.”
All of those were things I’ve dealt with. All of them gave me a strong desire to kick the offender in the unmentionables.