Russian hackers attacked U.S. Central Command's networks

Published 2 December 2008

Russian hackers have been the prime suspects in sustained attacks on government networks and Web sites in Estonia and Georgia; now evidence emerges to implicate Russian hackers in sustained attacks on the computer system of the U.S. Central Command, which oversees the wars in Iraq and Afghanistan

Russian hackers were the chief suspects in sustained attacks on government Web sites in Estonia and Georgia when tensions erupted between these two former Soviet republics and the Russian Federation (in the case of Georgia it was more than tension: it was war). Now Russian hackers are believed to have conducted a malware strike on combat zone computers and the U.S. Central Command overseeing Iraq and Afghanistan, according to the U.S. Defense Department. The Los Angeles Times’s Julian Barnes writes that senior military leaders told President George Bush last week of a severe and widespread electronic attack on Defense Department computers that may have originated in Russia. They said that the attack struck hard at networks within U.S. Central Command and affected computers in combat zones. One highly protected classified network was also brought down.

A Pentagon source said that the attack was significant and got everyone’s attention. It is not clear if the malware was created by an individual hacker or whether the Russian government may have had some involvement.

The software’s designers may have been targeting computers used by troops in Afghanistan and Iraq. The malware is called agent.btz, and has been circulating among nongovernmental U.S. computers for months. Recently it affected the Pentagon’s networks. It spreads to any flash drive plugged into an infected computer. Such drives are used in Iraq and Afghanistan, and many officers keep flash drives loaded with data around their necks.

“There are lots of people working hard to remove the threat and put in preventive measures to protect the grid,” said a defense official. “We have taken a number of corrective measures, but I would be overstating it if I said we were through this.”