Aug 26 2010

Gov’t hype surrounds ”Operation Buckshot Yankee”

Reporters tout the U.S. Deputy Secretary of Defense like he's the world's #2 hacker
No Gravatar

Let’s cut to the chase. U.S. Deputy Defense Secretary William J. Lynn III wrote an op-ed for a commercial publication in which he claims a single USB thumb drive caused the worst military data breach in history. And according to Wikipedia, that one little USB stick led to the creation of the Pentagon’s new Cyber Command.

Why did it take this guy nine years to hear a “wake-up call”?

Breathless reports like this one say this single specific tiny little USB thumb drive got infected with agent.btz, a tiny little chunk of malware the antivirus world has known about since, what, 2008? Yet it took at least 14 months for the Pentagon to clean it up.

Come on, people — fourteen months?!? The antivirus experts dismiss agent.btz as banal, not brilliant.

I’ll bet it took so long only because it was a classified operation. This malware would have blown over in a week if DoD-CERT had issued an email saying “hey, there’s a new virus running around, please scan your PCs for agent.btz.”

{sniff} I can definitely smell a lot of groupthink here. Not to mention hype, which goes hand in hand with groupthink.

Lynn suffers from a short memory span. We know this because he thinks the Pentagon got “a wake-up call” when agent.btz slithered into classified networks. If Lynn’s brain had more RAM, he would recall the Melissa virus did EXACTLY the same thing in 1999. It infected classified U.S. networks at a depth & scope even I myself would label “impressive.”

“Rob, how do you know the Melissa virus invaded classified networks in 1999?” I know it because (here comes an atomic bomb!) I received an Air Force Outstanding Volunteer Service Medal for all the community service I provided to the U.S. intelligence community in the 1990s (back when Vmyths was known as the Computer Virus Myths Home Page). You can see the original framed medal, with citation, hanging on my wall in this video.

Did Gil Grissom lift a thumb­print off that USB thumb drive? I can’t wait to see an “FBI most wanted” poster with that finger­print on it…

I voluntarily wore my civilian hat countless times to quash the many virus hoaxes that raged deep within the U.S. intelligence community in the 1990s. Why did I wear my civilian hat when I could have worn my Air Force uniform? The answer is simple: most fools in the intelligence community won’t listen to DoD virus experts. So they called on me. A lot. And then they praised me with an Air Force Outstanding Volunteer Service Medal.

You know, I should plow through my personal email archives to see if Lynn got duped by a virus hoax in the 1990s. It wouldn’t surprise me if he did. His writing style exhibits just a hint of gullibility…

Okay, let’s get back on track. You can see I’ve got a healthy dose of skepticism over Lynn’s “Buckshot Yankee” revelation. And I’m not alone: Wired filed a story with the headline “Insiders Doubt 2008 Pentagon Hack Was Foreign Spy Attack.”

Waitaminit. GCN‘s breathless story includes the phrase “Lynn said Wednesday in a teleconference with reporters.” You mean to say he gabbed with the media on top of all the hype he wrote in an official capacity for a commercial publication? {sniff} I smell a book deal in the works when Lynn’s boss retires next year.

Memo to William J. Lynn III: an SES-4 nominated me for that Air Force medal, you know…


Other Links to this Post