So the entire drone fleet was hit by a virus (http://www.theatlanticwire.com/national/2011/10/virus-infecting-us-drone-fleet-came-mafia-wars/43623/) this month.

And WHY?



The bad news is it came from a small, possibly banned portable hard drive infected with "malware that is routinely used to steal log-in and password data from people who gamble or play games like Mafia Wars online," one source told the Associated Press.


So .. evidently one of the airmen was running a scam to steal login data, put it on his hard drive, then plonked it on a classified system! Which has made everyone's life in that industry a living hell, I imagine.

Ain't technology great, I say. Who knew Skynet was on facebook?

Respectfully,

Brian P.

I would have paid to see the face of the people who run mafia wars, when their offices were assaulted by a team of navy seals


because clearly, to me, that seems to be the most appropriate response to such a situation.

I would have paid to see the face of the people who run mafia wars, when their offices were assaulted by a team of navy seals


because clearly, to me, that seems to be the most appropriate response to such a situation.

Or at least the most awesome response.

Who knew Skynet was on facebook?

I DID! I TOLD PEOPLE BUT THEY WOULDN'T LISTEN! :smalleek:

0,o
just 0,o

how could someone in a position to handle sensitive material be that stupid?

Or at least the most awesome response.
Operation "Sleep With the Fishes" would be a cool name for that. Heck, that would be a cool operation name for anything. Better than "Iraqi Freedom" or whatever other boring political rubbish we seem fond of these days. If there are any generals reading this thread, suggest that next time we have to invade somewhere.

Hah! I laughed.

0,o
just 0,o

how could someone in a position to handle sensitive material be that stupid?

You would not believe.

Operation "Sleep With the Fishes" would be a cool name for that. Heck, that would be a cool operation name for anything. Better than "Iraqi Freedom" or whatever other boring political rubbish we seem fond of these days. If there are any generals reading this thread, suggest that next time we have to invade somewhere.

"My fellow Americans; early this morning, our brave troops launched the opening strikes of Operation Deep-Fried Purple Wombat Toenail, following the immensely successful preliminary assaults of Operation Ultimate Omega Motorcycle Wheelie. Our top generals predict less than a week of open fighting before we have pacified the enemy and move into the occupation phase of Operation Imma Really Bored Pentagon Staffer...

"My fellow Americans; early this morning, our brave troops launched the opening strikes of Operation Deep-Fried Purple Wombat Toenail, following the immensely successful preliminary assaults of Operation Ultimate Omega Motorcycle Wheelie. Our top generals predict less than a week of open fighting before we have pacified the enemy and move into the occupation phase of Operation Imma Really Bored Pentagon Staffer...
Now that is more like it!:smallbiggrin:

how could someone in a position to handle sensitive material be that stupid?

I'm more unclear on why a "secure" military computer has a USB port on it, to say nothing of Microsoft Windows. Those are decisions that a general made.

I'm more unclear on why a "secure" military computer has a USB port on it, to say nothing of Microsoft Windows. Those are decisions that a general made.

Because you want your military stuff to be actually, like, usable? And inventing whole new operating systems and ports just aren't worth the time and money, more so making them useful!

I'm more unclear on why a "secure" military computer has a USB port on it, to say nothing of Microsoft Windows. Those are decisions that a general made.

Most likely it's cheaper to buy off the shelf than to pay $XXXXXX for custom-made military hardware that doesn't even exist. Probably looked great on a balance sheet, so long as you trust your people to behave in a trustworthy manner.

Also, I'll wager the average general has the technical savvy of a turnip. The policy was probably built on the standard DOD IT policies -- however those are formulated -- and then rubberstamped by a person who had a mission to complete.

Respectfully,

Brian P.

Because you want your military stuff to be actually, like, usable?

No, you want military hardware to be secure. You shouldn't be flying off with a drone aircraft if there is even a possibility that the enemy can make the drone empty its ammo at the home base on takeoff or return. Evidently that's what's going to have to happen before they realize that they need to do basic stuff like encrypting their video feed.

Your bank knows better than this (despite also being run by Luddites). Why doesn't your military?

Well, MY military has next to no drones.

But you have to remember, the Military has a budget! And computers are expensive, no matter what you do.

Ain't technology great, I say. Who knew Skynet was on facebook?


I DID! I TOLD PEOPLE BUT THEY WOULDN'T LISTEN! :smalleek:

Well Google is on Facebook, and as everyone knows, Google = Skynet. So therefore, Skynet is on Facebook, and Hakuri was correct.

But you have to remember, the Military has a budget! And computers are expensive, no matter what you do.

The military has one of the largest budgets in the world. (The US military, at least) if banks have better security (as this person claims) than banks... yeah, that's kinda awkward.

Most likely it's cheaper to buy off the shelf than to pay $XXXXXX for custom-made military hardware that doesn't even exist. Probably looked great on a balance sheet, so long as you trust your people to behave in a trustworthy manner.


To say nothing of resale value. If it's usable only by us, when we make the next, newer, better line of drones, we can't sell the old ones to third parties. Lots of people would be quite happy to buy secondhand, not-quite-cutting-edge, materials. But if it's a really secure, uniquely-designed hardware/software combination, it couldn't easily be integrated into the rest of the buyer's own systems.

Also, I'll wager the average general has the technical savvy of a turnip. The policy was probably built on the standard DOD IT policies -- however those are formulated -- and then rubberstamped by a person who had a mission to complete.

Respectfully,

Brian P.

While most people have the tech savvy of a turnip, I can confirm that what happened is AGAINST policy.

the US military budget currently outstrips most country's entire gdp, and is more than 6x higher than the next country over.the idea that its a budget issue is laughable.

"My fellow Americans; early this morning, our brave troops launched the opening strikes of Operation Deep-Fried Purple Wombat Toenail, following the immensely successful preliminary assaults of Operation Ultimate Omega Motorcycle Wheelie. Our top generals predict less than a week of open fighting before we have pacified the enemy and move into the occupation phase of Operation Imma Really Bored Pentagon Staffer...

I really think that militaries across the world should start using names like this, because who wouldn't want to sign up if they were promised a position in Operation "Ultimate Omega Motorcycle Wheelie"? :smallbiggrin:

So the entire drone fleet was hit by a virus (http://www.theatlanticwire.com/national/2011/10/virus-infecting-us-drone-fleet-came-mafia-wars/43623/) this month.

And WHY?



So .. evidently one of the airmen was running a scam to steal login data, put it on his hard drive, then plonked it on a classified system! Which has made everyone's life in that industry a living hell, I imagine.

Ain't technology great, I say. Who knew Skynet was on facebook?

Respectfully,

Brian P.

Well now, it doesn't mean he was necessarily running the scam. He coulda just been infected. That seems rather more likely.

No, you want military hardware to be secure. You shouldn't be flying off with a drone aircraft if there is even a possibility that the enemy can make the drone empty its ammo at the home base on takeoff or return. Evidently that's what's going to have to happen before they realize that they need to do basic stuff like encrypting their video feed.

Your bank knows better than this (despite also being run by Luddites). Why doesn't your military?

My idea: Overconfidence. "Nah, it won't happen", or "Of course it's secure. Our systems are da best".
Despite the previous lessons, overconfidence is still one of the most common mistakes you can find in military approach to potential problems.

Here is a much less sensationalized version of the story.

http://www.foxnews.com/scitech/2011/10/07/us-military-drones-infected-with-mysterious-computer-virus/

"Military efforts to clear it form the system" sounds like they went INTO the computer, Tron-style. Now wouldn't that have been awesome?

Well, if I don't remember it wrong we had an officer who openly had stacks of top-secret documents in his home. He was found out when he forgot some in a cab and they visited his home to ask some questions. We also had an occurrence where a nurse brought home paper with sensitive patient information, wrote an angry note on the backside, and put it up in the washingmachine-room.
*Sweden*

I don't doubt that you can get your hands on quite a lot of things with some cash and a little luck. You only need to find the weak link in the chain.
You could of course implant a weak link in the chain, but that would probably be harder.

Ain't technology great, I say. Who knew Skynet was on facebook?

Respectfully,

Brian P.

Fleshy human, you will decease in spreading these rumours. End statement.

the US military budget currently outstrips most country's entire gdp, and is more than 6x higher than the next country over.the idea that its a budget issue is laughable.

With respect, that's not actually true.

The US military pays for things like F-35s, F-22s, 10 full-size aircraft carriers, and 10 armored divisions. It trains to fight two regional-sized wars at the same time. We are, in fact, fighting two and participating in various other endeavors at the same time.

The US military has a big budget, but it also has big expenses. And as in any organization, the funds are not distributed equally. Instead, high-profile projects with sponsors and political support get -- and waste -- the majority of the money while the rest of the military makes do. Ask someone going through Tricare about how lavishly funded and well-supported their medical care is , for example.

Wikipedia has a writeup on the 2010 budget (http://en.wikipedia.org/wiki/Military_budget_of_the_United_States#Budget_for_20 10), if anyone's interested.



Fleshy human, you will decease in spreading these rumours. End statement.


Statement: 0x6e0x6f .

Respectfully,

Brian P.

With respect, that's not actually true.

No, everything he said IS true.

This story is overblown, and is NOT really a case of a terrible budget issue causing a disaster. It seems like it's being handled in a perfectly rational fashion and is not disrupting anything important. So...I don't see any reason to fault lack of budget here.

So .. evidently one of the airmen was running a scam to steal login data, put it on his hard drive, then plonked it on a classified system! Which has made everyone's life in that industry a living hell, I imagine.

The article doesn't suggest that at all. It is actually a program used to steal the information from the computer it is installed on.


Here is a much less sensationalized version of the story.

http://www.foxnews.com/scitech/2011/10/07/us-military-drones-infected-with-mysterious-computer-virus/

I'd hardly call Faux News reliable. However, Wired have covered the story as well (http://www.wired.com/dangerroom/2011/10/virus-hits-drone-fleet/).

The article doesn't suggest that at all. It is actually a program used to steal the information from the computer it is installed on.


The program isn't a boot sector virus, is it? Then the only way it could get onto the system is if someone willingly copied a file from his internet computer onto this one.

So I agree that it's not a budget problem. The problem is that someone A) signed a promise to conform to the IT policies and B) didn't do it. No amount of budget will fix that, I think.

Respectfully,

Brian P.

The program isn't a boot sector virus, is it? Then the only way it could get onto the system is if someone willingly copied a file from his internet computer onto this one.

So I agree that it's not a budget problem. The problem is that someone A) signed a promise to conform to the IT policies and B) didn't do it. No amount of budget will fix that, I think.

Respectfully,

Brian P.

The specific method the software uses to infect wasn't mentioned. What was mentioned was that the payload was a keylogger, it was logging every keystroke they made and attempting to send that information out.

The article also mentioned that the assumed mode of infection was through an external hard drive, which that office was explicitly allowed to use to copy updated maps onto the system.

I'm more unclear on why a "secure" military computer has a USB port on it, to say nothing of Microsoft Windows. Those are decisions that a general made.

But when I install a Microsoft program, well at least a Windows OS, it usually tells me *not* to use it to program weapons systems like missiles and stuff. :smallconfused: