According to a Wired report, malware has infected the control systems used by the United States Air Force to fly Predator and Reaper drones, logging keypresses as the unmanned aircraft are flown remotely in Afghanistan, Libya, Pakistan and other conflict zones.
The malware intrusion is said to have been detected by the Department of Defense’s own Host Based Security System (HBSS), but attempts to permanently remove the infection from one of America’s most important weapons systems have proven unsuccessful.
Inevitably there has been some concern in the media that malware could interfere with the flight of drones that are not just capable of surveillance, but can also carry deadly missiles to remote targets.
Questions are understandably being asked as to whether a remote hacker could interfere with the drones mid-flight, or send information to a third party about the drone’s whereabouts or intended target.
Wired quotes an unnamed source familiar with the infection as saying:
"We keep wiping it off, and it keeps coming back... We think it’s benign. But we just don't know."
Hmm.. If I “just didn’t know” I would assume the worst. In computer security, it’s always safest to assume the worst possible scenario has happened and take the necessary steps until you have proven that it hasn’t, rather than assume everything is ticketyboo.
Chances are that the malware is a common-or-garden keylogging Trojan horse designed to steal banking information rather than targeting the USAF. But if they are having problems keeping their systems malware-free, and have not identified the infection accurately, they should presume that it is more serious instead.
Predator and Reaper crews fly their drones remotely from an airforce base in Creech, Nevada. The computer systems used to control the weapons are supposedly not connected to the public internet – to reduce the chances of malware infection.
However, any IT administrator will know that simply disconnecting a computer from the internet does not make it 100% safe. Malware can be introduced via other means, such as a USB memory stick, as astronauts on the International Space Station discovered in 2008.
And that seems to me to the most likely vector (USB memory stick I mean, not outer space..) by which malware could have infected the drone computers, as it’s known that drone pilots use memory sticks to upload terrain maps and mission videos.
Here’s a photograph of an airman remotely piloting a done at the Predator control HQ in Creech Air Force base, Nevada:
Take a closer look at the photograph.
It certainly looks like they’re running Windows, doesn’t it? I hope they’re up-to-date with their operating system patches and anti-virus updates.
It might be an idea to check that Autorun is disabled too.
14 comments on “Malware compromises USAF Predator drone computer systems”
Looks like… Windows XP!
Why couldn't they just run a custom build OS or one build on Linux? WIndows have so many attack vectors as it is a "made for all" OS. A custom OS should only have one function: fly the drone. Also it seems that is XP rather than seven (evident by the green "start" menu and the blue title bar).
Not just windows, but Windows XP!
Must be those computers aren't Windows 7 capable? lol
I think it's a bit of a stretch to jump from one screen above "looking like it's XP" to assuming that the primary controls (centre and above) are also XP and are even network linked to the monitor that looks to be XP.
I agree. Many defense systems and, especially, aircraft systems (civil and military) are developed using the Ada programming language, usually on some version of Linux. So, methinks the XP machine (if that is, in fact, what it is) is likely not "controlling" anything, maybe acting as a communications platform or something. (Although there *is* an Ada IDE for Windows….)
Quoting unnamed sources is just beginning of what's wrong with this post.
I guess you could have tossed in that the drone should be electric and charged from a solar panel to make in greener 🙂
I thought the military always used Linux. Isn't that where Linux was developed? I could be wrong here. However, the thought of our military being reduced to a Windows operating system is very scary.
Noooo, Linux was developed by open-source hippies.
Finally some material for the next Team America movie….
Hopefully just being used as reference; otherwise might find one over my house !!
It’s an inside job. Check ALL USB devices for the malware and the fingerprints on the USB devices. Wiping the whole drive and reinstalling everything from scratch should have stopped it. somebody is reinstalling the malware as well.
The key logger is memorizing the user actions, so the author can learn all the drone's functions. This is very bad for security. We could be attacked by our own weapons. I am pretty sure they will be an instance of our governments drones being used by hackers, or terrorist.
Apparently the mitliary really doesn't understand electronic technology too much, shocker.