Pentagon Attacked by Computer Virus

Foreign state suspected in new computer virus that infected Pentagon networks

BY:

A computer virus that destroys documents and spreads to other networks recently infected computers at the Pentagon, the Defense Information Systems Agency (DISA) said on Thursday.

One of the Pentagon’s hundreds of networks "recently identified an infection after having issues opening Word and Excel documents," DISA said in a statement.

The agency urged all network administrators to initiate software countermeasures to ensure that networks "are protected from [this] new threat."

The Pentagon said the software security firm McAfee provided details on the virus, which was most likely spread from spam email messages.

Dmitri Alperovitch, a computer security specialist, told the Free Beacon, that the sophisticated attack software most likely originated from a foreign government, possibly China.

"This definitely looks like a nation-state actor but I can't tell if it's China without doing deeper analysis," Alperovitch said.

China is known to be the source of major computer attacks on Pentagon, U.S. government, and private computer networks.

Secretary of State Hillary Clinton, who visited China this week, said she discussed the topic of computer security during meetings with Chinese officials.

After meeting Chinese Foreign Minister Yang Jiechi, Clinton said she "raised the growing threat of cyber attacks that are occurring on an increasing basis."

"Both the United States and China are victims of cyber attacks. Intellectual property, commercial data, national security information is being targeted," she said. "This is an issue of increasing concern to the business community and the government of the United States, as well as many other countries, and it is vital that we work together to curb this behavior."

According to an Aug. 31 McAfee threat alert, the virus has two names: W32/XDocCrypt.a, and W32/XDocCrypt.b, that "parasitically infects" Microsoft Office Word, Excel, and related executable files.

The virus appears to be designed to destroy or disable documents by first encoding its contents using an encryption program, and then replacing the document with a malicious software file that the encrypted data attached to it. The original data is eventually deleted if the infection is not detected and steps are not taken to recover the documents.

The virus also replicates itself and spreads to other computers.

"The infection routine searches for files with ‘.doc’, ‘.xls’ or ‘.exe’ in the file name, and tries to infect them," the report said.

To prevent digital infections, the security firm recommended blocking five Internet addresses: 184.82.162.163, 184.22.103.202, attow.com.br, www.zugo-bikes.com, forum.perfect-privacy.com.

Bill Gertz   Email Bill | Full Bio | RSS
Bill Gertz is senior editor of the Washington Free Beacon. Prior to joining the Beacon he was a national security reporter, editor, and columnist for 27 years at the Washington Times. Bill is the author of seven books, four of which were national bestsellers. His most recent book was iWar: War and Peace in the Information Age, a look at information warfare in its many forms and the enemies that are waging it. Bill has an international reputation. Vyachaslav Trubnikov, head of the Russian Foreign Intelligence Service, once called him a “tool of the CIA” after he wrote an article exposing Russian intelligence operations in the Balkans. A senior CIA official once threatened to have a cruise missile fired at his desk after he wrote a column critical of the CIA’s analysis of China. And China’s communist government has criticized him for news reports exposing China’s weapons and missile sales to rogues states. The state-run Xinhua news agency in 2006 identified Bill as the No. 1 “anti-China expert” in the world. Bill insists he is very much pro-China—pro-Chinese people and opposed to the communist system. Former Defense Secretary Donald H. Rumsfeld once told him: “You are drilling holes in the Pentagon and sucking out information.” His Twitter handle is @BillGertz.

×
THE MORNING BEACON DAILY NEWSLETTER
MAKES IT EASIER TO STAY INFORMED
Get the news that matters most to you, delivered straight to your inbox daily.

Register today!
  • Grow your email list exponentially
  • Dramatically increase your conversion rates
  • Engage more with your audience
  • Boost your current and future profits