Monday, February 9, 2009

It's a Worm's Life in the Royal Navy

Yes, yes, it's supposed to be "dog" and "Today's Army", but it seems that Teredinidae have been joined by more modern, digital cousins:
A computer virus has attacked the communications network of almost the entire Royal Navy fleet, knocking out e-mails and the internet.
It is understood the worm disabled the NavyStar network in up to 75 per cent of the navy's ships last week ...
It's not just Her Britannic Majesty's Fleet:
French fighter planes were unable to take off after military computers were infected by a computer virus, an intelligence magazine claims.
In How to Hack a Classified Network I talked about how malware gets on networks that are ostensibly isolated from the Internet. USB thumb drives seem to be a big part of the French infection.

What's interesting to this is the ability to leverage unpatched security vulnerabilities to directly degrade military assets (as opposed to indirect degradation). This is almost certainly accidental, but demonstrates potential. Expect to see more of this in the future.

This is actually a very good reason for using Linux on military systems. If all you're trying to do is give the Lads a way to get email from home, Ubuntu is more than up to the job. And it has a much lower vulnerability exposure.

1 comment:

  1. Monocultures, whether carbon or silicon based, can be wiped out by a single well-designed virus. It doesn't matter whether it's Ebola or a Microsoft DOS exploit.

    Your point about Linux is a good one. But, more to the point, embedded military systems should use nonstandard or *completely custom* operating systems for both efficiency and impregnability.

    (This comes from someone who did a lot of military and telecom embedded development work.)

    ReplyDelete

Remember your manners when you post. Anonymous comments are not allowed because of the plague of spam comments.