DoD Unveils New Cyber Defense Strategy
Malicious code placed on the drive by a foreign intelligence agency uploaded itself onto a network run by the U.S. Central Command, according to the article. "That code spread undetected on both classified and unclassified systems, establishing what amounted to a digital beachhead, from which data could be transferred to servers under foreign control," Lynn says in the article, as quoted by the Washington Post. "It was a network administrator's worst fear: a rogue program operating silently, poised to deliver operational plans into the hands of an unknown adversary."
Lynn's decision to declassify an incident that Defense officials had kept secret reflects the Pentagon's desire to raise congressional and public concern over the threats facing U.S. computer systems, experts told the newspaper. In 2008, the Los Angeles Times reported that the incursion might have originated in Russia. After the breach, the Pentagon banned the use of flash drives, a policy that has since been modified.
Lynn writes that DoD implemented Operation Buckshot Yankee to counter the virtual attacks. The Pentagon, he says, "has begun to recognize its vulnerability and is making a case for how you've got to deal with it."