“2008 cyberattack on United States”的意思、由来-开放百科全书

The 2008 cyberattack on the United States was the "worst breach of U.S. military computers in history". The defense against the attack was named "Operation Buckshot Yankee". It led to the creation of the United States Cyber Command.^[1]^[2]^[2]

History

It started when a USB flash drive infected by a foreign intelligence agency {{citation needed span|text=was left in the parking lot of a Department of Defense facility|date=September 2015}} at a base in the Middle East. It contained malicious code and was put into a USB port from a laptop computer that was attached to United States Central Command. From there it spread undetected to other systems, both classified and unclassified.^[1]^[3]

The Pentagon spent nearly 14 months cleaning the worm, named agent.btz, from military networks. Agent.btz, a variant of the SillyFDC worm,^[4] has the ability "to scan computers for data, open backdoors, and send through those backdoors to a remote command and control server."^[5] It was suspected that Russian hackers were behind it because they had used the same code that made up agent.btz before in previous attacks. In order to try to stop the spread of the worm, the Pentagon banned USB drives, and disabled Windows autorun feature.^[6]

References

1. ^¹{{cite news |author= |title=Defense Department Confirms Critical Cyber Attack |url=http://www.eweek.com/c/a/Security/Defense-Department-Confirms-Critical-Cyber-Attack-551206/ |quote=A senior Pentagon official has revealed details of a previously-classified malware attack he declared "the most significant breach of U.S. military computers ever." In an article for Foreign Affairs, Deputy Defense Secretary William J. Lynn III writes that in 2008, a flash drive believed to have been infected by a foreign intelligence agency uploaded malicious code onto a network run by the military’s Central Command. ...|work=Eweek |date= August 25, 2010 |accessdate=2010-08-25 }}
2. ^{{cite news |author= |title=Military Computer Attack Confirmed |url=https://www.nytimes.com/2010/08/26/technology/26cyber.html?_r=1&ref=technology |quote= |work=The New York Times |date=August 25, 2010 |accessdate=2010-08-26 | first=Brian | last=Knowlton}}
3. ^¹{{cite journal |url=http://www.foreignaffairs.com/articles/66552/william-j-lynn-iii/defending-a-new-domain |journal=Foreign Affairs | author= William J. Lynn III | title=Defending a New Domain | volume = | issue = | pages = |accessdate=2010-08-25 |quote=In 2008, the U.S. Department of Defense suffered a significant compromise of its classified military computer networks. It began when an infected flash drive was inserted into a U.S. military laptop at a base in the Middle East. The flash drive's malicious computer code, placed there by a foreign intelligence agency, uploaded itself onto a network run by the U.S. Central Command. That code spread undetected on both classified and unclassified systems, establishing what amounted to a digital beachhead, from which data could be transferred to servers under foreign control. It was a network administrator's worst fear: a rogue program operating silently, poised to deliver operational plans into the hands of an unknown adversary. |work= }}
4. ^{{cite news|last1=Shachtman|first1=Noah|title=Under Worm Assault, Military Bans Disks, USB Drives|url=https://www.wired.com/2008/11/army-bans-usb-d/|work=Wired|date=November 19, 2008}}
5. ^Shachtman, Noah. "Insiders Doubt 2008 Pentagon Hack Was Foreign Spy Attack", The Brookings Institution, 25 August 2010.
6. ^{{Cite web|url=https://www.wired.com/2010/08/insiders-doubt-2008-pentagon-hack-was-foreign-spy-attack/|title=Insiders Doubt 2008 Pentagon Hack Was Foreign Spy Attack (Updated)|last=Shachtman|first=Noah|language=en-US|access-date=2016-10-04}}

History

References

Further reading