The US Air Force has issued a statement insisting that the malware that affected Ground Control Stations of US Predator and Reaper UAS was “more of a nuisance than an operational threat.” The ability of pilots to remotely fly the aircraft from Creech Air Force Base in Nevada “remained secure throughout the incident.”
“On 15 September, 24th AF first detected and subsequently notified Creech AFB regarding the malware,” the service said. “The Air Force then began a forensic process to track the origin of the malware and clean the infected systems.”
The Air Force didn’t say whether the clean-up process had been completed; insiders report that the infection has been particularly difficult to remove, requiring hard drives to be erased and rebuilt.
The Air Force said it was first noticed on “a stand-alone mission support network using a Windows-based operating system.” And they called it “a credential stealer,” transmitted by portable hard drives. (Security specialists had previously identified it as a programme that logged pilots’ keystrokes.) “Our tools and processes detect this type of malware as soon as it appears on the system, preventing further reach,” the Air Force added.
The malware “is routinely used to steal log-in and password data from people who gamble or play games like Mafia Wars online,” noted the Associated Press, relying on the word of an anonymous defense official. That official did not explain why drone crews were playing Mafia Wars or similar games during their overseas missions.
Source: Wired Danger Room