Stuxnet: Anatomy of a Computer Virus on Vimeo

Stuxnet: Anatomy of a Computer Virus on Vimeo.

From Patrick Clair a year ago, a quick and excellent look at the troubling Stuxnet virus. It has since been confirmed that the United States and Israel were behind its use against Iran’s nuclear facilities. The question is now, what have we unleashed?

An infographic dissecting the nature and ramifications of Stuxnet, the first weapon made entirely out of code. This was produced for Australian TV program HungryBeat.

Stuxnet: Anatomy of a Computer Virus from Patrick Clair on Vimeo.

Related articles

• Stuxnet is Back ! Iran reported another cyber attack (techdistro.wordpress.com)
• Feds intensify probe into leaks of classified data related to Stuxnet computer virus (triblive.com)
• Cyber Warfare (drakeequation.wordpress.com)
• Feds investigate Stuxnet leak (upi.com)
• Is This the Son of Stuxnet? (blogs.the-american-interest.com)
• Dorner manhunt: $1-million reward expected to be offered – Los Angeles Times (latimesblogs.latimes.com)

Israel, US collaborated in creation of ‘Flame’ virus to slow Iran’s nuke efforts, report says

Israel, US collaborated in creation of ‘Flame’ virus to slow Iran’s nuke efforts, report says | Fox News.

June 19, 2012

FoxNews.com

• 

  May 28, 2012: A screenshot from researchers at Kaspersky Labs shows the code behind Flame, called “the most sophisticated cyber weapon yet unleashed.” (KASPERSKY LABS)

Israel and the United States collaborated in the development of the powerful computer virus dubbed the “Flame,” which briefly affected Iran’s key oil industry, an official with knowledge of the effort said.

The Washington Post reports that the massive piece of malware, which collected critical intelligence information from Iran, was created with the aim of slowing the country’s suspected nuclear weapon development.

The Worm.Win32.Flame threat, or “Flame” for short, was likely built by the same nation-state responsible for the Stuxnet virus that targeted Iran’s nuclear power plant in 2010. Many suspect Stuxnet was the work of Israeli intelligence.

Flame has unprecedented data-snatching capabilities and can eavesdrop on computer users, a senior Iranian military official told the Associated Press.

The virus was designed to send back a stream of information used for an ongoing cyberwarfare campaign by secretly mapping and monitoring Iran’s computer networks, the Washingonton Post reported.

The virus can activate a computer’s audio systems to listen in on Skype calls or office chatter. It can also take screenshots, log keystrokes and — in one of its more novel functions — steal data from Bluetooth-enabled cellphones.

“Our current working theory is that flame and Stuxnet were parallel projects,” Roel Schouwenberg, a senior security researcher with Kaspersky Labs, told FoxNews.com. “Whoever commissioned Stuxnet also commissioned Flame.”

That cyberattack was very specific, however, while the Flame attack is broad, having been detected in more than half a dozen countries already: Hungary, Iran, and Lebanon, Austria, Russia, Hong Kong, and the United Arab Emirates, as well the Palestinian West Bank.

“Flame is a cyberespionage operation,” he told FoxNews.com.

Iran’s government-run Computer Emergency Response Team Coordination Center has said the highly sophisticated Flame virus appeared linked to espionage, but cited no specific country or source.

Ali Hakim Javadi, Iran’s deputy Minister of Communications and Information Technology, was quoted by the official IRNA news agency last month as saying that Iranian experts have already produced an anti-virus capable of identifying and removing Flame from computers.

The Associated Press contributed to this report.

English: Symbolic image depicting the computer virus Stuxnet (Photo credit: Wikipedia)

Read more:
http://www.foxnews.com/scitech/2012/06/19/israel-us-collaborated-in-creation-flame-virus-to-slow-iran-nuke-efforts-report/#ixzz1yKDLRBbQ

Related articles

• Confirmed: Flame created by US and Israel to slow Iranian nuke program (arstechnica.com)
• Confirming What We Already Knew:WAPO HS, Israel Developed Flame Virus (revolutioninmedia.com)
• Leak: Usa, Israel Created ‘Flame’ Virus Aimed at Iran (investmentwatchblog.com)

Stuxnet: Anatomy of a Computer Virus

Stuxnet: Anatomy of a Computer Virus – YouTube.

A short film that explains Stuxnet clearly.

And do not wait 10 years to fond out who created it. We might not know the whole truth but the finger points at an Israel / USA collaboration.

The Stuxnet virus is the first war weapon made entirely of computer code.

Also, there is speculation that it was responsible for the failure of the reactors at Fukushima, as the virus targets Siemens control systems that failed at Fukushima.

 

Related articles

• You: Flame virus linked to Stuxnet (nation.com.pk)
• Leak: Usa, Israel Created ‘Flame’ Virus Aimed at Iran (investmentwatchblog.com)
• Expose the US virus war machine (dickdestiny.com)

Did the terrorist state of Israel Just Kill Us All ?

Did the terrorist state of Israel Just Kill Us All??? – YouTube.

With thanks to Genie

Do you really think that this is far-fetched ?  Think about it: The video is telling the truth. Stuxnet was designed to incapacitate a nuclear power plant (Iran). Do you really believe that the Iranians are that stupid ? That they cannot figure how to reverse engineer the virus and re-release it ?

Related articles

• Mossad Wants Credit for Stuxnet (talesfromthelou.wordpress.com)
• Obama’s virus wars: mutually assured cyber-destruction | Richard Silverstein (guardian.co.uk)
• Flame and Stuxnet show Obama’s commitment to Chinese cyberwar (theweek.co.uk)

Mossad Wants Credit for Stuxnet

Mossad Wants Credit for Stuxnet.

Flame 2233656b …item 3.. Flame turns an infected computer into a kind of ‘industrial vacuum cleaner,’ (29 May 2012) …item 4B..Look For a Star – Billy Vaughn and His Orchestra .. (Photo credit: marsmet543)

Source: The Atlantic

Israel’s officials have a message for anyone praising the CIA for its sophisticated cyber attack on Iran: It was our baby. The Stuxnet computer worm, described by David Sanger in The New York Times last week as an invention by the Bush administration, was actually developed by Mossad, according to Israeli officials speaking with Haaretz journalist Yossi Melman on condition of anonymity:

The Israeli officials actually told me a different version. They said that it was Israeli intelligence that began, a few years earlier, a cyberspace campaign to damage and slow down Iran’s nuclear intentions. And only later they managed to convince the USA to consider a joint operation — which, at the time, was unheard of.

The irony of course is that both U.S. and Israeli officials spent years denying knowledge of who carried out the attacks, which reportedly destroyed thousands of Iran’s centrifuges, ever since it became public in 2010. Now that it’s out, it’s time to claim credit! Of course, if you read Sanger’s account, he certainly doesn’t diminish the expertise of Israel’s spies:

Israel’s Unit 8200, a part of its military, had technical expertise that rivaled the N.S.A.’s, and the Israelis had deep intelligence about operations at Natanz that would be vital to making the cyberattack a success.

Regardless, these Israeli officials say Sanger’s account was too generous to the CIA. Amusingly, one of the officials tries to play it cool, in his remark to Melman:

My Israeli sources understand the sensitivity and the timing of the issue and are not going to be dragged into a battle over taking credit. “We know that it is the presidential election season,” one Israeli added, ”and don’t want to spoil the party for President Obama and his officials, who shared in a twisted and manipulated way some of the behind-the-scenes secrets of the success of cyberwar.”

Translation: We don’t need to tell anyone we’re the ones responsible for Stuxnet, but just so you know, we’re responsible for Stuxnet.

‘End of the world as we know it’: Kaspersky warns of cyber-terror apocalypse

‘End of the world as we know it’: Kaspersky warns of cyber-terror apocalypse — RT.

06 June, 2012, 18:54

RIA Nobvosti/Sergey Guneev

TAGS: Conflict, SciTech, Middle East, Terrorism, Internet, Information Technology, Security

After his eponymously-named lab discovered Flame, “the most sophisticated cyber weapon yet unleashed,” Eugene Kaspersky believes that the evolving threat of “cyber terrorism” could spell the end of life on Earth as we know it.

­Doomsday scenarios are a common occurrence in 2012, but coming from a steely-eyed realist like Eugene Kaspersky, his calls for a global effort to halt emerging cyber threats should raise alarm bells.

A global Internet blackout and crippling attacks against key infrastructure are among two possible cyber-pandemics he outlined.

“It’s not cyber war, it’s cyber terrorism, and I’m afraid the game is just beginning. Very soon, many countries around the world will know it beyond a shadow of a doubt,” Kaspersky told reporters at a Tel Aviv University cyber security conference.

“I’m afraid it will be the end of the world as we know it,” he warned. “I’m scared, believe me.”

His stark warning came soon after researchers at Kaspersky Lab unearthed Flame, possibly the most complex cyber threat ever.  While the espionage toolkit infected systems across the Middle East, Iran appears to have been its primary target.

Flame seems to be a continuation of Stuxnet, the revolutionary infrastructure-sabotaging computer worm that made mincemeat of Iran’s uranium enrichment facility at Natanz in 2009-2010.

As Flame is capable of recording audio via a microphone, taking screen shots, turning Bluetooth-enabled computers into beacons to download names and phone numbers from other Bluetooth enabled devices, Kaspersky is certain that a nation-station is behind the cyber espionage virus.

While Kaspersky says that the United States, Britain, India, Israel, China and Russia are among the countries capable of developing such software, which he estimates cost $100 million to develop, he did not limit the threat to these states.

“Even those countries that do not yet have the necessary expertise [to create a virus like Flame] can employ engineers or kidnap them, or turn to hackers for help.”

Like Stuxnet, Flame attacks Windows operating systems.  Considering this reality, Kaspersky was emphatic: “Software that manages industrial systems or transportation or power grids or air traffic must be based on secure operating systems. Forget about Microsoft, Linux or Unix.”

Kaspersky believes the evolution from cyber war to cyber terrorism comes from the indiscriminate nature of cyber weapons. Very much like a modern-day Pandora’s Box, Flame and other forms of malware cannot be controlled upon release. Faced with a replicating threat that knows no national boundaries, cyber weapons can take down infrastructure around the world, hurting scores of innocent victims along the way.

Kaspersky believes that it necessary to view cyber weapons with the same seriousness as chemical, biological and even nuclear threats.  Mutually assured destruction should exclude them from the arsenals of nation states.

The apocalyptic scenario he painted is fit for the silver screen.  No surprise then, that it was a film that converted him to the idea that cyber terrorism was a clear and present danger.

By his own admission, Kaspersky watched the 2007 Film Live Free or Die Hard with a glass of whiskey in one hand and a cigarette in the other shouting:  “Why are you telling them [how to do this]?”

The film’s plot revolves around an NYPD detective played by Bruce Willis, fighting a gang of cyber terrorists who are targeting FBI computer systems.

“Before Die Hard 4.0, the word cyber terrorism was a taboo in my company. It could not be uttered aloud or discussed with the media. I tried to keep the Pandora’s Box closed. When the film hit the screens, I canceled that ban,” Kaspersky admitted.

Related articles

• A new era of cyber warfare: Virus ‘weapon’ has lurked inside thousands of computers in Middle East for five years (talesfromthelou.wordpress.com)
• New ‘cyberwarfare’ virus found in Middle East: researchers (talesfromthelou.wordpress.com)

New ‘cyberwarfare’ virus found in Middle East: researchers

New ‘cyberwarfare’ virus found in Middle East: researchers – The Globe and Mail.

 The Globe and Mail

Siemens Simatic S7-300

Jim Finkle

Boston— Reuters

May. 28, 2012

Security experts have discovered a new data-stealing virus dubbed Flame they say has lurked inside thousands of computers across the Middle East for as long as five years as part of a sophisticated cyber warfare campaign.

It is the most complex piece of malicious software discovered to date, said Kaspersky Lab security senior researcher Roel Schouwenberg, whose company discovered the virus. The results of the Lab’s work were made available on Monday.

Mr. Schouwenberg said he did not know who built Flame.

If the Lab’s analysis is correct, Flame could be the third major cyber weapon uncovered after the Stuxnet virus that attacked Iran’s nuclear program in 2010, and its data-stealing cousin Duqu, named after the Star Wars villain.

The discovery by one of the world’s largest makers of anti-virus software will likely fuel speculation that nations have already secretly deployed other cyber weapons.

“If Flame went on undiscovered for five years, the only logical conclusion is that there are other operations ongoing that we don’t know about,” Mr. Schouwenberg said in an interview.

The Moscow-based company is controlled by Russian malware researcher Eugene Kaspersky, and gained notoriety in cyber weapons research after solving several mysteries surrounding Stuxnet and Duqu.

Researchers at Kaspersky said they were only starting to understand how Flame works because it is so complex. The full significance will not be known until other cyber security firms obtain samples of Flame.

The Lab’s research shows the largest number of infected machines are in Iran, followed by the Israel/Palestine region, then Sudan and Syria.

The virus contains about 20 times as much code as Stuxnet, which attacked an Iranian uranium enrichment facility, causing centrifuges to fail. It has about 100 times as much code as a typical virus designed to steal financial information, Mr. Schouwenberg said.

Flame can gather data files, remotely change settings on computers, turn on PC microphones to record conversations, take screen shots and log instant messaging chats.

He said there was evidence to suggest the code was commissioned by the same nation or nations that were behind Stuxnet and Duqu, which were built on a common platform.

Both Flame and Stuxnet appear to infect machines by exploiting the same flaw in the Windows operating system and employ a similar way of spreading.

That means the teams that built Stuxnet and Duqu might have had access to the same technology as the team that built Flame, he said.

Mr. Schouwenberg said he believed the attack was highly targeted, aimed mainly at businesses and academic institutions.

He estimated that no more than 5,000 personal computers around the world have been infected, including a handful in North America.

Kaspersky Lab discovered Flame while investigating reports that a virus dubbed Wiper was attacking computers in Iran.

The International Telecommunications Union, a U.N. agency that promotes research and cooperation on telecommunications technology, asked Kaspersky Lab to investigate those reports.

Mr. Schouwenberg said that his team discovered Flame, but failed to turn up anything that resembled Wiper.

How the world’s first cyber ‘super weapon’ attacked Iran – and now threatens the world

How the world’s first cyber ‘super weapon’ attacked Iran – and now threatens the world | Mail Online.

By Rob Waugh

7th December 2011

The CIA could have been behind a computer virus dubbed the world’s first cyber ‘super weapon’ that attacked an Iranian nuclear plant, experts claim.

The launch of Stuxnet in 2010 marked the transformation of viruses into weapons of war.

Experts believe it was so sophisticated that it could have only been invented by designers with the backing of a nation state, with the spy arm of the U.S government being the main suspects.

It was purpose-built to attack Iran’s Busehr nuclear plant, overriding and controlling circuits inside the plant to cause physical damage.

It was the first malware that could truly be described as a ‘cyber-weapon’.

‘With Stuxnet we have opened a new chapter in human history,’ says Ralph Langner, the security expert who unravelled the attack. ‘There is now no way we can stop or control the proliferation of cyber-weapons.’

Iranian President Mahmoud Ahmadinejad, center, visits the Natanz Uranium Enrichment Facility some 200 miles (322 kilometers) south of the capital, Tehran, Iran

To begin with, the sheer sophistication of the attack was what dazzled experts – it exploited four separate vulnerabilities in Windows to penetrate and override industrial control systems designed by Siemens.

It would have taken experts months to design.

But in the wake of Stuxnet, it’s become clear that the weapon was almost over-designed for the job.

The Stuxnet attack on Iran’s Bushehr nuclear plant – a computer ‘worm’ specifically written to attack industrial control systems – was proof that the software in many industrial plants was vulnerable to attack.

Since then, there has been increased interest in the idea – both from researchers, and from potential attackers. Since then, other software has ‘copied’ Stuxnet – raising the alarming possibility of attackers simply downloading such weapons and unleashing them at will.

Nations across the world have long warned that future wars will include cyber assaults on the industries and economies of adversaries, and the potential targets include power plants, pipelines and air traffic control systems.

More and more industrial equipment is connected to the internet – rendering it vulnerable to attacks by hackers

Relatively unsophisticated ‘computers’ used to control industrial devices are ‘open’ to the internet – leaving plants such as Busehr vulnerable to attack.

In theory, many plants – including utilities such as water and gas – are open to such attacks.

Earlier this month, suspicions were raised about a remote attack on a water plant in America – but it proved to be an engineer accessing his work remotely.

But governments, including Britain’s, are trying desperately to shield vulnerable utilities before someone deploys the next cyber weapon.

The British government recently bought a ‘cyber range’ – designed to allow ‘testing’ of networks to harden them against hostile intrusions.

A senior engineer checks a rack in the main cyber range at Northrop Grumman near Southampton – a ‘test-firing’ range made to design, improve and modify electronic security arrangements

In America, government agencies are also taking action.

Acting DHS Deputy Undersecretary Greg Schaffer said that industries are increasingly vulnerable to hackers and foreign agents due to ‘connected’ equipment – and ‘there have been intrusions.’

‘We are connecting equipment that has never been connected before to global networks,’ Schaffer said. Hackers and perhaps foreign governments ‘are knocking on the doors of these systems – there have been intrusions.‘

‘Everybody is going crazy about the offensive capabilities and opportunities it gives you,’ Langner adds. ‘What people don’t realise is how easy such attacks are, and that you don’t need the resources of a nation state to pull them off.

‘We can predict that rogue states, terrorists, criminals and hackers will soon be able to use them.’

‘Some time ago at a conference where I had expressed my belief that Langley and the Department of Energy were the leading forces behind Stuxnet , I was later approached in private by an official of the US military who said: ‘You’re right, we are simply not smart enough to do something like this.’ If the Pentagon had developed Stuxnet, it might have been much more crude and brute-force.’

The ‘Stuxnet’ worm – a sophisticated cyber attack on the Bushehr nuclear plant in Iran opened a new era of cyber-warfare. Duqu, detected in Europe, may well be from the ‘same authors’ says security firm Symantec

Many observers thought that the sophistication of Stuxnet would have required the resources of a nation to design. Others suspected it was produced by the U.S. or Israel.

The copycat, Duqu, required much less skill, though: it simply copied

Duqu is designed to penetrate industrial systems and send information to its creators. It’s designed to run for 36 days, sending innocent ‘dummy’ images to its creators, then hiding stolen information such as design documents amongst them as it operates.

Unlike Stuxnet, it doesn’t self-replicate inside computer systems – and is seen as a ‘precursor’ to an attack designed to cause physical or financial damage.

Symantec says that the detection of Duqu does not mean that the danger is over.

‘The threat was highly targeted toward a limited number of organizations for their specific assets,’ said the security firm in a statement. ‘However, it’s possible that other attacks are being conducted against other organizations in a similar manner with currently undetected variants.’

The nuclear power plant in Bushehr, southern Iran, which was the target of the Stuxnet worm. The Duqu worm is similar but is designed to steal information rather than cause physical damage

The U.S. Department of Homeland Security said it was aware of the reports and was taking action.

‘DHS’ Industrial Control Systems Cyber Emergency Response Team has issued a public alert and will continue working with the cybersecurity research community to gather and analyze data and disseminate further information to our critical infrastructure partners as it becomes available,’ a DHS official said.

‘Parts of Duqu are nearly identical to Stuxnet, but with a completely different purpose,’ Symantec said. ‘Duqu is essentially the precursor to a future Stuxnet-like attack.’

Duqu is designed to gather data from industrial control system manufacturers to make it easier to launch an attack in the future by capturing information including keystrokes.

“The attackers are looking for information such as design documents that could help them mount a future attack on an industrial control facility,’ Symantec said.

In a 2007 test at the Idaho National Laboratory, government hackers were able to break into the control system running a large diesel generator, causing it to self-destruct.

Before the test, he said, the notion of cyber warfare ‘was mainly smoke and mirrors. But the Aurora tests showed that, you know what? We have a new kind of weapon.’

Related articles

• Stuxnet the start of new CyberWar Era (nextbigfuture.com)
• Warning over Iran terror virus war (thesun.co.uk)

FBI says hackers hit key services in three US cities

BBC News – FBI says hackers hit key services in three US cities.

Hackers could, in theory, have turned off the lights on shoppers

The infrastructure systems of three US cities have been attacked, according to the Federal Bureau of Investigation.

At a recent cybersecurity conference, Michael Welch, deputy assistant director of the FBI’s cyber division, said hackers had accessed crucial water and power services.

The hackers could theoretically have dumped sewage into a lake or shut off the power to a shopping mall, he said.

Industrial control systems are becoming an increasing target for hackers.

‘Ego trip’

“We just had a circumstance where we had three cities, one of them a major city within the US, where you had several hackers that had made their way into Scada systems within the city,” Mr Welch told delegates at the Flemings Cyber Security conference.

“Essentially it was an ego trip for the hacker because he had control of that city’s system and he could dump raw sewage into the lake, he could shut down the power plant at the mall – a wide array of things,” he added.

Such systems – commonly known as Supervisory Control and Data Acquisition (Scada) – are increasingly being targeted by hackers, following reports that they rely on weak security.

It follows two alleged break-ins to city water supplies. The first, to a water supply in Springfield, Illinois, was later played down by the FBI which said it could find no evidence of cyber-intrusion.

Initially it had thought a hardware fault was caused by Russian hackers but it later emerged that this was not the case.

In another attack a hacker named pr0f claimed to have broken into a control system that kept water supplied to a town in Texas.

The hacker said the system had only been protected by a three-character password which “required almost no skill” to get around.

Mr Welch did not confirm whether this breach was one of the three he was talking about.

Default passwords

Security experts predict there will be a rise in such attacks.

“Such systems have become a target partly because of all the chatter about the lack of security. Hackers are doing it out of curiosity to see how poorly they are protected,” said Graham Cluley, senior security consultant at Sophos.

He said that many relied on default passwords, and information about some of these passwords was “available for download online”.

Furthermore the firms that run Scada systems, such as Siemens, often advise against changing passwords because they claim the threat from malware is not a great as the problem that will be caused if passwords are changed.

“Not changing passwords is obviously slightly crazy. Proper security needs to be in place otherwise it is laughable,” said Mr Cluley.

24-hour surveillance

Industrial-scale hacking hit the headlines in 2010 with news of a worm aimed at Iran’s nuclear facilities. Stuxnet was widely rumoured to have been developed by either the US or Israeli authorities and, according to experts, was configured to damage motors used in uranium-enrichment centrifuges by sending them spinning out of control.

Iran later admitted that some of its centrifuges had been sabotaged although it downplayed the significance of Stuxnet in that.

This year a Stuxnet copycat, Duqu, was discovered by security experts.

Initial analysis of the worm found that parts of Duqu are nearly identical to Stuxnet and suggested that it was written by either the same authors or those with access to the Stuxnet source code.

Unlike Stuxnet it was not designed to attack industrial systems but rather to gather intelligence for a future attack.

Mr Welch also revealed at the conference that, to date, the FBI’s cyberteam had worked a 9 to 5 day. He said that a 12% increase in its budget would mean the team could now expand and begin monitoring cyberthreats around the clock.

Related articles

• Russian Hacker Temporarily Shuts Down Water Supply In Illinois, FBI Probe Launched (inquisitr.com)
• A Nasty Trojan named ‘Duqu’ with a Similar Source Code to the “Stuxnet” Trojan Appears to be Preparing to Attack Powerplants (greginsd.wordpress.com)

Did Iran Just Retaliate For Stuxnet? Computer Virus Infects US Predator Drone System

» Did Iran Just Retaliate For Stuxnet? Computer Virus Infects US Predator Drone System Alex Jones’ Infowars: There’s a war on for your mind!.

Zero Hedge
Saturday, October 8, 2011

It was only a matter of time: the weakest link in the otherwise awesome idea that is a remote-controlled military, represented by the thousands of Predator and Reaper drones, has always been its biggest strength: the fact that it is remote-controlled.

Which means that with no person on location, the system has always been susceptible to infiltration in the form of intermediation between the offsite pilot and the actual equipment. Such as a virus. And as Wired reports, a viral infestation, the biggest nightmare for the the US drone fleet, has just struck. “A computer virus has infected the cockpits of America’s Predator and Reaper drones, logging pilots’ every keystroke as they remotely fly missions over Afghanistan and other warzones. The virus, first detected nearly two weeks ago by the military’s Host-Based Security System, has not prevented pilots at Creech Air Force Base in Nevada from flying their missions overseas. Nor have there been any confirmed incidents of classified information being lost or sent to an outside source. But the virus has resisted multiple efforts to remove it from Creech’s computers, network security specialists say. And the infection underscores the ongoing security risks in what has become the U.S. military’s most important weapons system.” Well that is truly Ironic: the “western” world tried to cripple (and failed) Iran’s nuclear program with Stuxnet; it will, then, be supremely ironic if Iran retaliates by maxing out the credit cards of the US Air Force logging the credit card number as pilots purchase stuff online, and uses these to buy weaponized plutonium from Russia using Uncle Sam’s credit card.

More:

“We keep wiping it off, and it keeps coming back,” says a source familiar with the network infection, one of three that told Danger Room about the virus. “We think it’s benign. But we just don’t know.”

Ah yes, the good old “it’s a benign viral infestation of a top-secret military system” excuse. It’s a classic. Works everytimg too.

And more:

Military network security specialists aren’t sure whether the virus and its so-called “keylogger” payload were introduced intentionally or by accident; it may be a common piece of malware that just happened to make its way into these sensitive networks. The specialists don’t know exactly how far the virus has spread. But they’re sure that the infection has hit both classified and unclassified machines at Creech. That raises the possibility, at least, that secret data may have been captured by the keylogger, and then transmitted over the public internet to someone outside the military chain of command.

Drones have become America’s tool of choice in both its conventional
and shadow wars, allowing U.S. forces to attack targets and spy on its
foes without risking American lives. Since President Obama assumed
office, a fleet of approximately 30 CIA-directed drones have hit targets
in Pakistan more than 230 times; all told, these drones have killed more than 2,000 suspected militants and civilians, according to the Washington Post.
More than 150 additional Predator and Reaper drones, under U.S. Air
Force control, watch over the fighting in Afghanistan and Iraq. American
military drones struck 92 times in Libya between mid-April and late August. And late last month, an American drone killed top terrorist Anwar al-Awlaki — part of an escalating unmanned air assault in the Horn of Africa and southern Arabian peninsula.

But despite their widespread use, the drone systems are known to have
security flaws. Many Reapers and Predators don’t encrypt the video they
transmit to  American troops on the ground. In the summer of 2009, U.S.
forces discovered “days and days and hours and hours” of the drone footage on the laptops of Iraqi insurgents. A $26 piece of software allowed the militants to capture the video.