Buckshot Yankee

Then-U.S. Deputy Secretary of Defense William J. Lynn III called it “the most
significant breach of U.S. military computers ever” and “a network
administrator’s worst fear” when, in 2008, a silently operating, rogue program
infiltrated classified U.S. military networks. The infection began at a base in
the Middle East when an infected flash drive was inserted into a military laptop
and subsequently uploaded malware onto a network controlled by U.S. Central
Command. The Trojan, dubbed “agent.btz,” was reportedly a variant of the older
and better-known SillyFDC worm, which was coded to replicate itself when the
media storage device it was stored on was plugged into a computer. It created
what Lynn said amounted to a ‘digital beachhead,’ from which classified and
unclassified data was then transferred to foreign-controlled servers. The
response to this incident, codenamed “Buckshot Yankee,” included an initial
all-out ban on removable storage devices (that was eventually lifted) and the
creation of the U.S. Cyber Command. It took more than a year to completely
remove all infections from the network. The source of the attack is still
unknown.
