Infected USB flash drive led to worst U.S. military breach in history

Malware loaded into USB flash drives resulted in the successful infiltration of the U.S. military's Central Command in 2008, says a new report by The Washington Post. In what was deemed as the U.S. military's "most significant breach," Deputy Defense Secretary William J. Lynn III confirmed that the malicious code was placed in the drive by a foreign intelligence, and managed to spread undetected onto classified systems.

"That code spread undetected on both classified and unclassified systems, establishing what amounted to a digital beachhead," says Lynn in a Foreign Affairs article. The data could then be transferred to servers under the control of foreign governments. The decision by Lynn to declassify the incident reflects the Pentagon's desire to raise congressional and public awareness over the asymmetrical nature of cyber warfare facing U.S. computer systems today, say experts.

Elaborating on the seriousness of the successful infiltration of the command and control system, a former intelligence official who spoke on condition of anonymity told the Post: "This is how we order people to go to war. If you're on the inside, you can change orders. You can say, 'turn left' instead of 'turn right.' You can say 'go up' instead of 'go down.' "

For more on this story:
- check out this article at Ars Technica
- check out this article at CNET News
- check out this article at The Washington Post

Related Articles:
DoD: China continues to press with cyber warfare capabilities
Panel urges DoD role in domestic network cybersecurity
Is the threat of cyber war exaggerated?
Lewis: Cold War lessons of limited value for cyber attack deterrence