Welcome to the SecAware blog

I spy with my beady eye ...

20 Feb 2009

Military systems not immune to civil (or for that matter military) malware

News of the Conficker/Downadup worm rumble on. Britain's Daily Telegraph is relaying news from a French newspaper that a French naval network was infected, disrupting communications and hence military opertions as the network was isolated for disinfection. The same piece reports that a "report in the military review Defense Tech revealed that in the first days of January 2009 the British Defence Ministry had been attacked by a hybrid of the virus that had substantially and seriously infected the computer systems of more than 24 RAF bases and 75 per cent of the Royal Navy fleet including the aircraft carrier Ark Royal."

While the journalists and military PR people are typically at pains to point out that such events affect only unclassified or lowly-classified networks, the impacts sometimes appear to indicate otherwise - unless that is the French navy is in the habit of passing military orders over unclassified networks, which I doubt.

The reality of modern life is that most organizations are connected to the global Internet, and therefore they rely on network security controls to prevent "unauthorized traffic", including malware and hackers. Even those with no Internet connections remain vulnerable to malware infections by other routes, such as USB memory sticks in the French navy case. If even the highly controlled and well funded military are vulnerable to such nasties, what hope is there for other organizations, particularly large or diverse organizations with limited control over their IT systems and networks? I'm very conscious that our own small business remains vulnerable, despite the firewalls, antivirus software, network monitoring and so on, but at least we have security awareness on our side!

No comments:

Post a Comment