In a rare move, the US Air Force has made a public statement about the keylogger malware which was rumoured to have infected the consoles used to fly the unmanned Predator and Reaper drones. The statement was issued to correct recent reporting that the malware detected on stand-alone systems on Creech Air Force Base, Nevada had affected drone operations.
According to the statement the Air Force first detected the malware on 15 September. It was found on a portable hard drives used for transferring information between systems. Subsquetnly it was isolated and forensic investigation was started to track the origin of the malware and clean the infected systems.
“It’s standard policy not to discuss the operational status of our forces,” said Colonel Kathleen Cook, spokesperson for Air Force Space Command. “However, we felt it important to declassify portions of the information associated with this event to ensure the public understands that the detected and quarantined virus posed no threat to our operational mission and that control of our remotely piloted aircraft was never in question.”
The malware, which was detected on a Windows machine, in the end turned out to be a credential stealer for Mafia Wars, not a keylogger.
The infected computers were part of the ground control system that supports RPA operations. The ground system is separate from the flight control system Air Force pilots use to fly the aircraft remotely; the ability of the RPA pilots to safely fly these aircraft remained secure throughout the incident.