The Envoy

Computer virus found at U.S. drone base a “nuisance,” not “operational threat,” U.S. Air Force says

The Envoy

The U.S. Air Force has acknowledged for the first time that a key computer system at a Nevada base that's devoted to flying Predator drones has suffered a computer-virus outbreak. The Creech airbase relies on computers to remotely pilot unmanned Predator drones from Afghanistan to Yemen succumbed to a virus last month, Air Force officials confirmed on Wednesday.

However, Air Force personnel also insisted that the virus--which reportedly records the ground control room pilots' keystrokes--amounted only to a minor "nuisance." At no time did the virus interfere with pilots' ability to remotely fly the sophisticated unmanned aircraft, the Air Force Space Command said, according to a report by Agence France Presse.

"The infected computers were part of the ground control system that supports RPA (remotely piloted aircraft) operations," the Air Force Space Command said in a statement, according to the AFP report. "The ground system is separate from the flight control system Air Force pilots use to fly the aircraft remotely; the ability of the RPA pilots to safely fly these aircraft remained secure throughout the incident."

The virus is one that is "found routinely on computer networks and is considered more of a nuisance than an operational threat," the Air Force statement said.

The Air Force's remarks—which it said required declassifying some information concerning the incident—confirmed a story first published by Wired magazine's Noah Shachtman last week.

"A computer virus has infected the cockpits of America's Predator and Reaper drones, logging pilots' every keystroke as they remotely fly missions over Afghanistan and other warzones," Shachtman wrote. The virus, while not impairing the drones from being flown on missions abroad, "has resisted multiple efforts to remove it" from the base's computers. "We keep wiping it off, and it keeps coming back," a source told Shachtman.

In a subsequent report Tuesday, Shachtman said that Creech base officials did not initially notify the Air Force cyber-security specialists when the malware was discovered on their security network on Sept. 15 --"leaving the unit that's supposed to serve as the Air Force's cyber-security specialists in the dark" for more than two weeks.

While there's no immediate sign of serious damage and the planes are still operating from Afghanistan to Yemen, Shachtman wrote, military sources told him a detailed investigation is only now getting under way.

Cyber security expert James Lewis, a former Reagan administration official now with the Center for Strategic and International Studies, said the U.S. military has previously discovered vulnerabilities in the security of U.S. drone information systems, most notably in Iraq last year.  "An Iraqi insurgent hacked into [a U.S. drone] downlink," which is not usually encrypted, Lewis told The Envoy Thursday.

And America's foes are constantly probing for vulnerabilities in U.S. military computer systems to exploit in wartime, Lewis said. In 2008, he noted, U.S. Central Command was hacked when "someone brought in a USB stick and plugged into SIPR-net," the military's classified Internet system, Lewis said--a hack that was judged to be malicious in intent.

Lewis noted that the Creech base's computer virus was uncovered last month just a couple days after the United States confirmed that al-Qaida in the Arabian Peninsula propagandist Anwar al-Awlaki was killed in Yemen—reportedly in a U.S. drone strike--and wondered speculatively if there might be a connection.

Still, Lewis said that a Russian computer security expert had told him that in his assessment, the Creech incident was probably more ordinary and unintentional. "A board operator was surfing the web, or brings in an iPod," he suggested--in much the same way, he added, that "any of us get a virus."

Other popular Yahoo! News stories:

Want more of our best national security stories? Visit The Envoy or connect with us on Facebook and follow us on Twitter.

View Comments (481)