Old worm won't die after 2008 attack on US military
Updated: 2011-06-17 13:35
(Agencies)
WASHINGTON - Three years after what the Pentagon called the most significant breach of US military networks ever, new versions of the malware blamed for the attack are still roiling US networks, Reuters has learned.
The malware at issue, known as "agent.btz," in 2008 infiltrated the computer systems of US Central Command, which was running the wars in Iraq and Afghanistan.
The attack established what Deputy Defense Secretary William Lynn called "a digital beachhead" for a foreign intelligence agency to attempt to steal data.
The Pentagon last year disclosed its operation to counter that attack, known as Buckshot Yankee. But new, more potent variations of agent.btz are still appearing.
"We can definitely say that it's not limited to government computers, it never has been, and that it hasn't gone away," said an official of the Department of Homeland Security, which leads US efforts to secure federal nonmilitary computer networks, often described as the Internet's "dot.gov" domain.
"It's very persistent and it keeps evolving," the official said. "You're constantly seeing new, better versions of it. So it's a challenge to keep ahead of it."
"It's quite prolific," the official added, speaking on condition of anonymity because of the matter's sensitivity. The official did not specify precisely which networks have been affected or the extent of the damage.
US officials have said a foreign spy agency was responsible for the 2008 attack, which occurred when an infected flash drive was inserted into a US military laptop at a base in the Middle East.
But they have never publicly named which one. Reuters has learned that experts inside and outside of the US government strongly suspect that the original attack was crafted by Russian intelligence.
Information about the origin of the suspected attackers, however, is still closely held and Pentagon officials refuse to discuss it. People familiar with the matter spoke to Reuters on condition of anonymity and did not explain why Russia was the top suspect.
Buckshot Yankee led to Defense Secretary Robert Gates' order in June 2009 to create the military's new Cyber Command, which became operational last year.
"That code spread undetected on both classified and unclassified systems, establishing what amounted to a digital beachhead, from which data could be transferred to servers under foreign control," Lynn wrote in the journal Foreign Affairs last fall.
"It was a network administrator's worst fear: a rogue program operating silently, poised to deliver operational plans into the hands of an unknown adversary," he said.