Malware targets U.S. military computers

[Default User]

A targeted attack? That's what they are saying, but is that really what
happened? I don't know, myself, but it may be a smokescreen to cover up
past lax protection methods on portable military computers in the field.

Malware targets U.S. military computers
12/02/08
By Dan Campbell
http://www.gcn.com/cgi-bin/udt/im.di...story.id=47664

Pentagon officials acknowledged that the malware known as Agent.btz
recently affected some Defense Department systems. Although it has been in
circulation for several months, the malware had not yet been known to
penetrate military networks.

The incident has left DOD officials scrambling to clean infected systems,
institute new policy and security measures to thwart future incidents, and
perform forensics to discover the source of the attack.

The issue was serious enough to prompt Adm. Mike Mullen, chairman of the
Joint Chiefs of Staff, to brief President Bush and Defense Secretary Robert
Gates last week on the incident.

DOD has not provided many details on the extent of the incident or whether
the malware could have harmed systems that are critical to national
security. Reports have indicated that the malware infected Central Command
computers used by U.S. forces in Iraq and Afghanistan. According to one
report, nearly three-quarters of the computers at the largest U.S. military
base in Afghanistan were affected. Other computers and networks were
apparently affected as well.

Pentagon officials responded by implementing a policy that prohibits the
use of most types of portable data-storage media on government computers,
particularly USB-based thumb or flash drives, memory sticks, and camera
flash memory cards. Malware, viruses and other attack software can
propagate via the thumb drives from one machine to another.

Although warranted, the policy creates a hardship for warfighters in the
field, who often carry critical data on flash drives in areas in which
conditions do not allow for reliable wireless computer communications. The
new policy makes it more difficult to share information within a war
theater.

Implementing such a policy requires a combination of technical measures and
education. Whether state-sponsored or otherwise, hackers who use malware,
viruses and other methods to shut down computers, compromise data or steal
information frequently target military computers and networks.

The Agent.btz malware is a variation of a worm that surfaced in 2005, but
the latest iteration appears to have been designed specifically to target
military networks.


© 1996-2008 1105 Media, Inc. All Rights Reserved.

[David H. Lipman]

From: "Default User" <default@user1.invalid>

| A targeted attack? That's what they are saying, but is that really what
| happened? I don't know, myself, but it may be a smokescreen to cover up
| past lax protection methods on portable military computers in the field.

| Malware targets U.S. military computers
| 12/02/08
| By Dan Campbell
| http://www.gcn.com/cgi-bin/udt/im.di...story.id=47664

< snip >

/* The DoD was NOT "targeted" nor spear-phished. */

The W32/Agent.BTZ is an AutoRun worm and through sheer *STUPIDITY* on the part of the
warfighter, this AutoRun worm spread from Flash Drive to system and back to Flash Drive,
etc. This was happening in-theatre and spread home with returning service personnel. It
showed a security hole in the GIG and actions have been taken to patch the hole in the
GIG.

That's all there is to this !

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp