US drone fleet infected by virus

A persistent keylogging computer virus has infected the piloting systems used to control U.S. Predator and Reaper unmanned aerial vehicles in Afghanistan and elsewhere, Wired has reported.

The virus records the keystrokes of Air Force pilots flying the drones remotely from Creech Air Force Base in the Mojave Desert, Nevada. The infection hasn’t prevented the Air Force from flying its missions, and there have been no reports of lost information, but the virus has resisted repeated efforts by IT crews to clean it from the drone system, Wired reports.

“We keep wiping it off, and it keeps coming back,” a source told Wired’s Danger Room. “We think it’s benign. But we just don’t know.” Security specialists said they couldn’t tell whether it was the result of a planned attack or a accidental infection.

Drones have become an increasingly important tool for U.S. forces in battle zones as the number of troops dwindles and the military turns to network-based operations.

The Air Force this year released a procurement plan calling for doubling by 2021 the number of its most advanced drones — the RQ-4 Global Hawk class, MQ-9 Reaper and MQ-1 Predator class.

The drones have been used for attacks in Pakistan and Afghanistan and also are used extensively for surveillance. This year, the Air Force launched its Gorgon Stare program, which uses a Predator or Reaper to record surveillance data on up to 12 cameras instead of one and share the data simultaneously with troops on the ground.



About the Author

Kevin McCaney is a former editor of Defense Systems and GCN.

inside gcn

  • security in the cloud (ShutterStock image)

    Cloud security is the agency’s responsibility

Reader Comments

Fri, Oct 14, 2011 Art United States

If they can't keep these systems secure, it would seem to point to the danger of control of this weapon to be seized and used against them.

Wed, Oct 12, 2011

I do not see how they can say it is benign unless they know where the keystrokes are being sent or what else the virus is doing.

Wed, Oct 12, 2011

Maybe they ought to be looking at their support eqquipment as a source of the virus. Fast wipe and reload from a "known good source" is OK, as long as you don't reinfect by connecting you support equipment/mission upload or diagnostic systems.

Wed, Oct 12, 2011

The fact that that USAF and their partners don't have an SOP in place to do a fast wipe and reload from known-good system images, is scary. Unless the virus is into the chips, no virus should be able to survive a bare-metal reload.

Wed, Oct 12, 2011

Wonder if the USG will move the Drones to the cloud? Since Drones are a global resource, it only makes sense!

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group