Malicious software on a USB memory stick is being blamed for the most significant loss of data ever to have been recorded by the US military.
US secretary of defence William Lynn said that a foreign agent was able to hack into a laptop using malware which was installed from a USB stick and he admitted that it was now being seen as the most severe security breach in US military history.
Mr. Lynn said that the data loss occurred two years ago when an individual who was essentially an international spy gained access to a laptop left unattended at an undisclosed location in the Middle East, circumventing the security of the military network using hacking malware installed on the PC via USB storage.
He described the nightmarish scenario that faced IT managers after it was discovered that malware had infected secure systems, giving third parties access to vast volumes of top secret data relating to ongoing operations from around the world.
The event sent shockwaves throughout the armed forces. Mr. Lynn added that it was a useful demonstration as to the inadequacies of certain security policies and had resulted in the formulation of new practices which should offer better protection against future data loss.
Operation Buckshot Yankee was launched to counteract the effects of the malware and it took a stand against all forms of USB storage, outlawing the use of flash memory drives as a result of the attack.
Mr. Lynn would not be drawn as to whether data had been lost as a result of the infection, let alone volumes and types if indeed such loss had occurred.
Industry analyst John Kindervag has predicted that the US military’s propensity to blame the use of USB memory sticks rather than operative incompetence will result in many others following suit and removing flash memory from circulation.
Nearly seven million individual devices across tens of thousands of networks are harnessed by the Department of Defense in the US and it takes a team of 90,000 staff across the globe to keep everything in check, according to Mr. Lynn.
