Virus Infects Drone Network
GUY RAZ, HOST:
A few weeks ago, at Creech Air Force Base in Nevada, computer security experts came upon a virus in their network. And they were alarmed to discover that the virus was recording every keystroke made by Air Force pilots who sit at terminals at the base. Computer stations from which they remotely operate Predator and Reaper drones flying over places like Afghanistan and Pakistan. And so far, they can't seem to wipe the virus from the system.
Noah Shachtman first reported this story. He's a contributing editor at Wired magazine and he's in our New York bureau. Noah, welcome.
NOAH SHACHTMAN: Thanks for having me.
RAZ: First, tell us more about what this virus apparently does.
SHACHTMAN: It's called a key logger and it records people's keystrokes. And that's important because the way that drone pilots communicate with guys on the ground is through instant messenger. And so, if you record all that information, that's secret stuff. And if that gets to the outside that is bad.
RAZ: It all sounds very war games. Any sense of this virus has the potential to take over command of any of these drones?
SHACHTMAN: Look, there's a good chance this might all just be an accident. OK, that a virus that comes from computer to computer happened to jump onto a military network. If it's a deliberate network breach, it's a way to gain information not bring down any system.
RAZ: But what could someone glean from the keystrokes of these pilots?
SHACHTMAN: You can't glean how drone operations are run in places like Afghanistan and maybe even more secret locations. You could glean how the drones and the guys on the ground work together. There's a lot of stuff.
RAZ: I know the story has just broken and that there's not a whole lot of information out there. But what is your sense of who or what might be behind it? I mean pranksters, a foreign government?
SHACHTMAN: I really don't think we know yet. The military runs on the same computers that we use at our desks every day. And so, just like we catch viruses on our computers, military computers do, too.
RAZ: That's a terrifying thought except that their networks, my understanding was, are closed.
SHACHTMAN: Right. But in practice what happens is guys use those external hard drives to transport information from the closed, classified networks to the open networks that connect to the Internet. And in transporting that information back and forth, infections happen.
RAZ: Now, Noah, this is not the first time drone information has been intercepted, right?
SHACHTMAN: No, not at all. It turns out the drones were rushed into service, really, in the early part of the 2000s. They bypassed a sort of key element of military security, which is the drones transmit their video feed, you know, what they see from the sky. They transmit it without encrypting it, so that anybody with a proper receiver in the vicinity can actually watch what the drones watch. And so, we found in Iraq, in 2009, that militants had days and days worth of drone footage on their hard drives.
RAZ: That has, of course, been changed now. This is encrypted now, right?
RAZ: So, in theory, this is not secure information.
SHACHTMAN: Correct. It is being slowly changed, but it has not changed, you know, entirely yet. Two reasons, for an encryption, you need an encrypted transmitter and an encrypted receiver. There are hundreds and hundreds of these receivers being distributed to U.S. forces throughout Afghanistan and elsewhere. And, you know, the drones themselves are flying missions all the time and they don't want to take too many of them off-line.
And so, the U.S. military has made gamble, which is that there's not going to be too many technologically sophisticated militants right under the drones' noses. And so, therefore, they're going to continue to broadcast in the clear.
RAZ: That's Noah Shachtman. He's a contributing editor at Wired magazine. Noah, thanks.
SHACHTMAN: Thanks for having me.
(SOUNDBITE OF MUSIC)
RAZ: You're listening to ALL THINGS CONSIDERED from NPR News.
NPR transcripts are created on a rush deadline by Verb8tm, Inc., an NPR contractor, and produced using a proprietary transcription process developed with NPR. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authoritative record of NPR’s programming is the audio record.