A senior defense official has confirmed that U.S. military networks were breached as a result of an infected USB drive, which was placed into a military laptop in the Middle East in 2008.
In an article published today in Foreign Affairs, Deputy Defense Secretary William J. Lynn III writes that malware was placed onto a flash drive by a foreign intelligence service and was uploaded onto DoD Central Command’s network.
“That code spread undetected on both classified and unclassified systems, establishing what amounted to a digital beachhead, from which data could be transferred to servers under foreign control,” he writes in the article. “It was a network administrator’s worst fear; a rogue program operating silently, poised to deliver operational plans into the hands of an unknown adversary.”
The rest of Lynn’s article focuses on the DoD’s cyber strategy, including ways the department is looking to detect intruders and the support DoD should provide to the Department of Homeland Security in securing critical infrastructure.
With the decision to declassify the incident, this is the first on-record comment that any foreign intelligence service was able to breach DoD networks. Some cyber experts say Lynn’s decision to go public is an effort to raise cyber awareness among the public and Congress.
Following the breach, DoD launched Operation Buckshot Yankee and banned the use of USB drives on DoD networks, a ban that has since been altered.