A computer virus has been logging U.S. military pilots’ keystrokes during remote war zone missions. The military’s host-based security system detected this breach in the cockpit software of Predator and Reaper drones.
Military security specialists say they are unsure whether the virus was installed on their systems intentionally, or if it found its way onto the computers at Creech Air Force Base in Nevada by accident. It’s unclear how far the virus has spread.
Wired’s Danger Room quoted a source familiar with the infection as saying:
We keep wiping it off, and it keeps coming back. We think it’s benign. But we just don’t know.
Regardless of whether the virus was maliciously or accidentally introduced, it may have security implications. It is not uncommon for “keylogger” programs to transmit their logs back to their source. How much information could be gleaned from those logs? It’s not known for sure. But if GPS coordinates were entered using a physical keyboard, it would be fairly easy to determine where the drones had been deployed. If the virus was able to relay information in real-time, the concern is that it could be used to warn potential targets.
If security procedures are followed correctly, officials say the mission data should be secure; cockpit computers are not connected to the public Internet. It could possibly transmit the information throughout the closed, internal military network. But getting this sensitive information out into the wider world would likely require a person to physically transfer it using some form of removable media, which is restricted in high security areas. This infection is cause for concern, exposing the ongoing security risks in what has become the U.S. military’s most important weapons system.