Pentagon Confirms 2008 Cyber Attack Against U.S. Military

A Pentagon official has confirmed a major cyber attack on U.S. military computers that occurred when a foreign intelligence agent used a malicious flash drive to steal information from laptops in Iraq and Afghanistan, The New York Times reports.

William Lynn 3rd, deputy secretary of defense, described the incident in the journal Foreign Affairs as "the most significant breach of U.S. military computers ever."

During the attack, launched some time in 2008, the agent plugged a small infected flash drive into a laptop used by the U.S. military at a Middle East base and installed code created to steal information from computers there, including those used by the Central Command that oversaw operations. The stolen data was then transferred to servers controlled by foreign enemies, according to Lynn.

"That code spread undetected on both classified and unclassified systems, establishing what amounted to a digital beachhead from which data could be transferred to servers under foreign control," he said in the Foreign Affairs article.

While the Los Angeles Times first reported the incident in November 2008, Lynn was the first U.S. government source to officially confirm the attack. In the Los Angeles Times report, sources were cited anonymously and it was speculated that the attack originated in Russia.

In the Foreign Affairs article, Lynn described the challenges of adequately protecting the U.S. military's web of 15,000 networks and 7 million computing devices around the globe from hidden adversaries that could wreak havoc on U.S. cyber infrastructure with basic equipment and minimal programming expertise simply by locating and exploiting vulnerabilities.

"A dozen determined computer programmers can, if they find a vulnerability to exploit, threaten the United States' global logistics network, steal its operational plans, blind its intelligence capabilities or hinder its ability to deliver weapons on target," he wrote.

He also reinforced that the U.S. needed to re-evaluate its defense strategies due to the fact that traditional methods of attack and counterattack don't were not applicable in cyber warfare.

Lynn also described the U.S. military's counter defense strategy -- so dubbed Operation Buckshot Yankee -- and mentioned that the National Security Agency developed security systems that could counteract similar attacks in real time.

Meanwhile, security officials maintain that one of the repercussions of the attack could be counterfeit hardware, which may have been used to control "kill switches" or "back doors," used remotely by cyberattackers, as well as malicious code designed to stealthily steal classified information from U.S. military computers or completely shut down an entire network.

Lynn's testimonial -- the first on-record disclosure that a foreign agency was able to penetrate U.S. cyber defenses -- drew criticism from some cyberexperts, who pointed out that he unintentionally clued U.S. enemies in on privileged information.

Lynn, however, contended that declassifying a major attack would raise public awareness of the cyber threat on the U.S. government and reinforce the growing necessity for the U.S. to swiftly address these threats.

He urged the U.S. to accelerate the process in which they respond to such an attack, noting that it took the Pentagon an average of 81 months to adopt a new computer system but it took Apple only 24 months to develop the iPhone, which was "less time than it would take the Pentagon to prepare a budget and receive Congressional approval for it."