Defense Official Confirms Cyber Attack

William Lynn

A senior defense official has confirmed that the breach of U.S. military networks as a result of an infected USB drive, which was placed into a military laptop in the Middle East in 2008.

In an article published today in Foreign Affairs, Deputy Defense Secretary William J. Lynn III writes malware was placed onto a flash drive by a foreign intelligence service and was uploaded onto DoD Central Command’s network.

“That code spread undetected on both classified and unclassified systems, establishing what amounted to a digital beachhead, from which data could be transferred to servers under foreign control,” he writes in the article. “It was a network administrator’s worst fear; a rogue program operating silently, poised to deliver operational plans into the hands of an unknown adversary.”

The rest of Lynn’s article focuses on the DoD’s cyber strategy, including ways the department is looking to detect intruders and that DoD should provide support to the Department of Homeland Security in securing critical infrastructure.

The decision to declassify the incident is the first on-record comment that any foreign intelligence service was able to breach DoD networks. Some cyber experts say Lynn’s decision to go public is an effort to raise cyber awareness among the public and Congress.

Following the breach, DoD launched Operation Buckshot Yankee, and banned the use of USB drives on DoD networks, which has since been altered.

You may also be interested in...

Red Hat's David Egts: Open-Source Training, “˜Sense of Mission' Could Help Agencies Address Cyber Skills Gap

David Egts, chief technologist for Red Hat's North American public sector, has said there are several options …

HHS, Industry Aim to Help Health Organizations Mitigate Cyber Threats With New Publication

The Department of Health and Human Services has released a four-volume document that outlines 10 …

Cloud-Based Identity Tools, Mobile Device-Based Authentication Among Cyber Market Trends to Watch in 2019

Some of the trends in the cybersecurity market to watch in 2019 include the availability …