A story from Wired Magazine’s Danger Room blog is getting a lot of attention. It calls into question the claims made this week by Deputy Secretary of Defense William J. Lynn III about a 2008 cyber attack against the Department of Defense.
The worm, dubbed agent.btz, caused the military’s network administrators major headaches. It took the Pentagon nearly 14 months of stop and go effort to clean out the worm — a process the military called “Operation Buckshot Yankee.” The endeavor was so tortuous that it helped lead to a major reorganization of the armed forces’ information defenses, including the creation of the military’s new Cyber Command.
The havoc caused by agent.btz has little to do with the worm’s complexity or maliciousness — and everything to do with the military’s inability to cope with even a minor threat.
But what spy service would launch such a lame attack?
“It isn’t the most capable threat, I agree with that,” Lynn replies. “But that kind of makes the point. If you had something of the kind of capability you described and we suffered a compromise as the result of it, it clearly means that we need to have a new strategic approach and that’s what started a couple years ago. I’ve tried to lay out where we’re going going forward.”
So let’s get this straight. DoD found itself vulnerable to a “Level 1: Low Risk” threat, the kind of threat that could have been taken care of by one of Symantec’s antivirus applications, because it was completely ignorant of its own systems. And instead of bringing its defense up to date, the response has been to create the U.S. Cyber Command with a mission that includes offensive cyber attack against adversaries, as well as calls from prominent individuals in the defense community to “re-engineer the Internet” to eliminate anonymity online. Inappropriate, dangerous overkill, anyone?