Aug 26 2010

Gov’t hype surrounds “Operation Buckshot Yankee”

Let’s cut to the chase. U.S. Deputy Defense Secretary William J. Lynn III wrote an op-ed for a commercial publication in which he claims a single USB thumb drive caused the worst military data breach in history. And according to Wikipedia, that one little USB stick led to the creation of the Pentagon’s new Cyber Command.

Why did it take this guy nine years to hear a “wake-up call”?

Breathless reports like this one say this single specific tiny little USB thumb drive got infected with agent.btz, a tiny little chunk of malware the antivirus world has known about since, what, 2008? Yet it took at least 14 months for the Pentagon to clean it up.

Come on, people — fourteen months?!? The antivirus experts dismiss agent.btz as banal, not brilliant.

I’ll bet it took so long only because it was a classified operation. This malware would have blown over in a week if DoD-CERT had issued an email saying “hey, there’s a new virus running around, please scan your PCs for agent.btz.”

{sniff} I can definitely smell a lot of groupthink here. Not to mention hype, which goes hand in hand with groupthink.

Lynn suffers from a short memory span. We know this because he thinks the Pentagon got “a wake-up call” when agent.btz slithered into classified networks. If Lynn’s brain had more RAM, he would recall the Melissa virus did EXACTLY the same thing in 1999. It infected classified U.S. networks at a depth & scope even I myself would label “impressive.”

“Rob, how do you know the Melissa virus invaded classified networks in 1999?” I know it because (here comes an atomic bomb!) I received an Air Force Outstanding Volunteer Service Medal for all the community service I provided to the U.S. intelligence community in the 1990s (back when Vmyths was known as the Computer Virus Myths Home Page). You can see the original framed medal, with citation, hanging on my wall in this video.

Did Gil Grissom lift a thumbprint off that USB thumb drive? I can’t wait to see an “FBI most wanted” poster with that fingerprint on it…

I voluntarily wore my civilian hat countless times to quash the many virus hoaxes that raged deep within the U.S. intelligence community in the 1990s. Why did I wear my civilian hat when I could have worn my Air Force uniform? The answer is simple: most fools in the intelligence community won’t listen to DoD virus experts. So they called on me. A lot. And then they praised me with an Air Force Outstanding Volunteer Service Medal.

You know, I should plow through my personal email archives to see if Lynn got duped by a virus hoax in the 1990s. It wouldn’t surprise me if he did. His writing style exhibits just a hint of gullibility…


Okay, let’s get back on track. You can see I’ve got a healthy dose of skepticism over Lynn’s “Buckshot Yankee” revelation. And I’m not alone: Wired filed a story with the headline “Insiders Doubt 2008 Pentagon Hack Was Foreign Spy Attack.”

Waitaminit. GCN’s breathless story includes the phrase “Lynn said Wednesday in a teleconference with reporters.” You mean to say he gabbed with the media on top of all the hype he wrote in an official capacity for a commercial publication? {sniff} I smell a book deal in the works when Lynn’s boss retires next year.

Memo to William J. Lynn III: an SES-4 nominated me for that Air Force medal, you know…

May 28 2009

French expert gets duped, goes “nutty professor,” spouts hysteria…

Let’s begin with a straightforward statement. McAfee expert Francois Paget got duped by a YouTube video, he went “nutty professor,” and he wrote a hysterical blog about it on McAfee’s official website (archived here).

And then, just for good measure, Paget touted a new McAfee product that can protect you from being duped— protect you from the hysteria he— protect you from the threat he concocted— oh, never mind.

It disturbs me that Francois Paget got duped so easily. Memo to Paget: click here.

Wired pundit Kevin Poulsen exposed Paget’s stupidity in a rather blistering story. Poulsen reveals a German “viral video” production firm conceived the “Blair Witch” script to promote (get this!) a conference for video gamers.

It disturbs me that Paget got duped so easily. A quick glance at the video stats reveals it’s been watched more than a million times in just the last half-year. Clue, anyone?

If this was a genuine SCADA attack, all the SCADA hype-meisters out there would have pounced on this video the very day it came out. Why, then, would Paget be the first expert to label it a SCADA attack a half-year later? How could he not realize this?

Did Paget do basic research to learn where this SCADA attack took place? No. Did Paget do basic research to learn which hacking group took credit for this SCADA attack? No. Did Paget do basic research to learn how this hacking group pulled off their SCADA attack? No. Did Paget do basic research to learn…

Hey, you know what I just did? I did some basic research on Paget for this column. “Basic research, Rob? That’s amazing!” Thanks for the facetiousness but, really, it was nothing. Anyway, I came across Paget’s LinkedIn profile (or at least a cleverly disguised hoax profile which, according to Paget, is as good as the original.) He’s worked at McAfee since at least 1993 when he—

—waitaminit, I just got an email from the Frenchman. It reads:

“Dear Rob, I heard that you work for the CIA. Can you give me some details on how NCIS agent Timothy McGee hacked into your CIA network so easily? TIA! All my love, Francois.”

Even worse for Paget’s stupidity level — you can watch the YouTube video in high def. That’s what we call “a subtle clue.” Al Qaeda’s movie studio couldn’t possibly match Hollywood’s infinite resources to produce HD video. Heck, you can’t even watch this staged remote-control diesel engine attack in high def.

(Hmmm. You know, I couldn’t have bashed Paget so easily if he’d used the diesel engine attack video. Lucky me.)

The production company calls it a “viral video.” Sadly, Paget got infected. And McAfee spread the virus through their official blog. Much to the production company’s delight, I’m sure.


Let’s run with this absurdity, shall we? Let’s pretend Paget got duped by the trailer for the new movie “Pontypool”:

Last week, I discovered a video posted on YouTube. We can see an entire town getting infected by a virus that spreads via the English language. Two guys having a conversation can spread the virus! I have some doubts about the technical aspects of a virus spreading through the spoken word. But fake or not, the video confirms that terrorists have got their eyes on lexicon viruses. Perhaps the first demo was just for fun, but the others will have less juvenile goals. An attack can involve nationwide damage, a terrible effect on the public’s morale, and huge financial losses. Modern language is more vulnerable than ever…

Or hey, what if Paget got duped by the movie “Eagle Eye”? Or what if he got duped by this episode of “Fringe”? Or what if he got duped by the movie “Fatal Error”?

It’s a “viral video.” Sadly, Paget got infected. And McAfee spread the virus through their official blog…

Or — good grief, what if Paget got duped by the new “Land of the Lost” comedy? “I have some doubts about the technical aspects of using tachyons to travel instantly through time and relative dimensions in space. But fake or not, this movie trailer confirms that terrorists have got their eyes on TARDIS machines…”

(“Uh, Rob. You mixed up ‘Land of the Lost’ with ‘Dr. Who.’” I did? Crud. I should have done basic research before I wrote that last paragraph. But no matter! Paget will agree with me that the Enterprise is the same as the Jupiter II and Joey from “Friends” was as good a starship driver as Sulu was in “Galaxy Quest.”)

Run with it, folks! Make up a parody of Paget’s blog and post it as a comment to this column. Or post it on your own blog and throw me a pingback. Let’s tear a pound of flesh out of this hysteria-monger.


If we follow Paget’s {ahem} “logic,” then the solution to our woes is simple. We just need to get McAfee to sponsor these horrific viral videos.

Seriously! If you’re a fan of the TV show “24,” then you know Cisco firewalls stand strong while everything else of a cyber nature collapses as part of a diabolical Hollywood plot line. The only reason Cisco firewalls are impenetrable is because Cisco sponsors the show.

So. By Paget’s {ahem} logic, if McAfee sponsored every SCADA attack video, then our problems would be solved!

“I have some doubts about the technical aspects of a firewall standing up to a SCADA attack just because McAfee sponsored the video production. But fake or not, those videos will confirm that terrorists cannot get past the security of McAfee software…”

You know what’s really sad about all this? Every absurdity in this column passes muster if we follow Paget’s {ahem} logic.

Folks, something bad is happening at McAfee. First David Milam goes insane; now Francois Paget. And I finally understand why.

Last week, you see, I discovered a video posted on YouTube. It shows how an entire company can get infected by a disease that spreads via the act of breathing. Two guys breathing the same air can spread the disease! I have some doubts about the technical aspects of a disease spreading this way. But fake or not, the video confirms that terrorists have got their eyes on making us suffer this disease…