The malware detected on stand-alone computer systems at Creech AFB, Nev., has not affected the Air Force’s remotely piloted aircraft operations, said officials with 24th Air Force, USAF’s cyber operations arm, at Peterson AFB, Colo. “[W]e felt it important to declassify portions of the information associated with this event to ensure the public understands that the detected and quarantined virus posed no threat to our operational mission and that control of our remotely piloted aircraft was never in question,” said Col. Kathleen Cook, Air Force Space Command spokeswoman. Air Force cyber officials on Sept 15 detected the malware on portable hard drives used for transferring information between systems. They isolated it and began a forensic process to track its origin and clean the infected computers. The infected systems were part of the ground control system that supports RPA operations, but they were separate from the RPA flight control system, they said. The malware in question is a credential stealer, not a keylogger as initial press reports indicated, they said. It “is considered more of a nuisance than an operational threat,” they noted. (Peterson release) (See our initial coverage of this issue.)
The defense intelligence community has tried three times in the past decade to build a “common intelligence picture”—a single data stream providing the information that commanders need to make decisions about the battlefield. The first two attempts failed. But officials say things are different today.