Creech virus a common ‘nuisance’ virus aimed at online gaming

A computer virus reported to have threatened the drone program at Creech Air Force Base is suspected to be a common virus used to steal passwords and log-ins for online gaming -- not spyware that records the actions of pilots guiding unmanned reconnaissance aircraft, military officials said Wednesday.

"It's standard policy not to discuss the operational status of our forces," said Col. Kathleen Cook, spokeswoman for Air Force Space Command at Peterson Air Force Base, Colo. "However, we felt it important to declassify portions of the information associated with this event to ensure the public understands that the detected and quarantined virus posed no threat to our operational mission."

Cook was responding to a Friday story from technology magazine Wired. The story quoted an unidentified source familiar with a drone network computer virus that surfaced last month at Creech, a hub for Unmanned Aircraft Systems such as MQ-1 Predators and MQ-9 Reapers. The base is 45 miles northwest of Las Vegas at Indian Springs.

The magazine described a virus that charts keystrokes made by pilots and sensor operators of spy planes used in combat missions over Afghanistan and Iraq. An anonymous source quoted in the Wired story said, "We keep wiping it off, and it keeps coming back. We think it's benign. But we just don't know."

The story suggested that data about secret warfare operations could be transmitted over the Internet to receivers outside the U.S. military.

That wasn't the case, however, according to the Air Force Space Command.

"The malware in question is a credential stealer, not a keylogger, found routinely on computer networks and is considered more of a nuisance than an operational threat," according to the Air Force statement. "It is not designed to transmit data or video, nor is it designed to corrupt data, files or programs on the infected computer."

Air Force officials said the problem was detected Sept. 15 by the 24th Air Force, which is the arm of the service that defends computer networks and conducts cyberspace operations.

The 24th Air Force alerted commanders at Creech that portable hard drives used to transfer data between systems had been infected. Air Force Space Command officials said the virus infected computers that were part of the ground-control system that supports remotely piloted aircraft operations.

"The ground system is separate from the flight control system Air Force pilots use to fly the aircraft remotely; the ability of the ... pilots to safely fly these aircraft remained secure throughout the incident," the Air Force statement said.

Remote-controlled sorties involving Predator and Reaper drones are conducted through a satellite link on computer consoles at Creech and elsewhere.

George Smith, an expert and author on cyberspace security issues, said computer viruses aren't rare on military networks and have a history that dates to the 1990s.

"There are many examples. Some of them have made news, (but) many incidences don't rise to that level," said Smith, a senior fellow at globalsecurity.org, a military information website.

"The military is exposed in the same way as everyone else on the world network," he wrote in an email to the Review-Journal.

One example of an attempt to intercept drone signals surfaced in 2009 when footage from video cameras was found on laptop computers carried by insurgents in Iraq. A relatively cheap software program made the intrusion possible.

Computer virus incidents like the recent one at Creech are difficult if not impossible to prevent.

The reason, Smith said, is that new viruses are written that aren't detected by industry-standard software.

"This means there's a window in which a new piece of malicious software can always sneak through the defenses," he said.

"When it eventually gives itself away ... new cures can be programmed for it."

Smith said the cost to the military from a computer virus varies depending on what is spent on detection, removal and repairs or updates to the system.

So who was behind the event at Creech? You would have to analyze the virus to determine that, Smith said.

"Then you can start making some educated analyses which toss it into a variety of baskets, from spyware for criminal intent, extortionware for organized crime, spyware for a hacking group ... or malware aimed at creating a network of compromised computers for future unspecified exploitation."

Contact reporter Keith Rogers at krogers@reviewjournal.com or 702-383-0308.
