Creech Operations Unaffected by Malware

The malware detected on stand-alone computer systems at Creech AFB, Nev., has not affected the Air Force’s remotely piloted aircraft operations, said officials with 24th Air Force, USAF’s cyber operations arm, at Peterson AFB, Colo. “[W]e felt it important to declassify portions of the information associated with this event to ensure the public understands that the detected and quarantined virus posed no threat to our operational mission and that control of our remotely piloted aircraft was never in question,” said Col. Kathleen Cook, Air Force Space Command spokeswoman. Air Force cyber officials on Sept 15 detected the malware on portable hard drives used for transferring information between systems. They isolated it and began a forensic process to track its origin and clean the infected computers. The infected systems were part of the ground control system that supports RPA operations, but they were separate from the RPA flight control system, they said. The malware in question is a credential stealer, not a keylogger as initial press reports indicated, they said. It “is considered more of a nuisance than an operational threat,” they noted. (Peterson release) (See our initial coverage of this issue.)