intelligence agency infiltrated sensitive U.S. military CentCom
networks in 2008, Deputy Defense Secretary William J. Lynn III has
revealed the source of the attack. And it was -- drumroll please -- a
flash drive. A simple flash drive inserted into a military laptop at a
location in the Middle East allowed malicious code to install and
conceal itself on both classified and unclassified servers, opening
them to foreign control.
The acknowledgement that such a simple process set off such an
egregious breach of security highlights not only the danger that cyber
threats pose, but just how fragile sensitive systems -- the systems by
which America makes war -- can be.
n an article today in Foreign Affairs, Lynn presents new details about
the DoD's cyberstrategy as it pertains to seeking out threats within
its own networks, and according to the WaPo he asserts that the
Pentagon needs to make efforts to protect important industry networks
as well. That means defending not only protecting dot-gov and dot-mil
networks, but ensuring that private industries providing critical
infrastructure are taking the proper steps to secure their own
networks.
But what the Pentagon learned the hard way is also a timely reminder
for the rest of us as well. Keep in mind that foreign flash drives are
something like sailors during Fleet Week -- there's just no way to
know where they've been or what they've been, ahem, uploading. Be safe
out there.
[Washington Post]