WASHINGTON - The most serious cyber attack on the U.S. military's networks came from a tainted flash drive in 2008, forcing the Pentagon to review its digital security, a top U.S. defense official said Aug. 25.
The thumb drive, which was inserted in a military laptop in the Mideast, contained malicious code that "spread undetected on both classified and unclassified systems, establishing what amounted to a digital beachhead, from which data could be transferred to servers under foreign control," Deputy Defense Secretary William Lynn wrote in the journal Foreign Affairs.
The code was placed on the drive by "a foreign intelligence agency," Lynn wrote.
"It was a network administrator's worst fear: a rogue program operating silently, poised to deliver operational plans into the hands of an unknown adversary."
Previous media reports speculated that the attack may have originated from Russia.
The Pentagon had never openly discussed the incident, but Lynn chose to reveal the details of the attack as officials try to raise public awareness of the growing threat posed to government computer networks.
The incident served as a wake-up call for the Pentagon and prompted major changes in how the department handled digital threats, including the formation of a new cyber military command, Lynn said.
After the 2008 assault, the Pentagon banned its work force from using flash drives, but recently eased the prohibition.
Since the attack, the military has developed methods to uncover intruders inside its network, or so-called "active defense systems," according to Lynn.
But he added that drafting rules of engagement for defending against cyber attack was "not easy," as the laws of war were written before the advent of a digital battlefield.