A couple of stories about an Air Force cybersecurity lapse caught my attention recently and I thought I’d summarize what has happened at Creech Air Force Base in the last month or so.
Pilots at Creech Air Force Base remotely fly the US’ overseas drones using elaborate computer setups. This allows them to “Take out the Taliban and be home for dinner” as the New York Times put it. Unfortunately, sometime around late September, the computers’ security systems detected a piece of malware installed on these sensitive systems. This keylogger captured all data entered into the computers used to fly the drones, but it is not known what it did with the data after that. It is also unknown how the malware found its way through the military’s so-called “Air Gap,” which physically separates critical systems from the internet with the intention of preventing situations like this from happening.
The worst part about this story is that higher-ups in the Air Force found out about the keylogger from a post on Wired Magazine’s “Danger Room” blog, which cited anonymous sources at the base complaining that the keylogger kept defying their attempts to erase it from the infected computers. This shows that the military has not yet done enough to prepare for the future of digital warfare and that more training is needed to make sure that situations like this one are reported and fixed immediately. Even if the keylogger was “nothing to worry about,” we cannot know when something that we do need to worry about will be detected on our networks. What will the response be then?