French Navy Rafales grounded by a computer virus

French Navy (Marine Nationale) has recently admitted that the Conficker worm struck some important systems preventing operative units to download their flight plans as databases were infected. Even if warnings about the risk of being attacked by the virus had been issued in October 2008, the French military authorities did not install the required security patches on their Windows systems, issued by Microsoft on Oct. 15, 2008. Conficker targets the Microsoft Windows operating system and exploits a known vulnerability in the Windows Server service used by Windows 2000, WinXP, Vista, Windows Server 2K3 and Windows Server 2K8. When executed, the worm disables some system services (as the Win Update, the Security Center and the Personal Firewall), then connects to a server to download other malware, to gather information stored in the computer or to propagate to another target. According to the information released by the French military, the proliferation of the worm caused the loss of Availability but did not cause loss of data Integrity or Confidentiality. As a consequence of Conficker proliferation, the Marine Nationale had to cut the communication links and to use telephone, fax and post to communicate. A USB drive is suspected to be the media used by Conficker to enter the French internal networks. French officials believe it was not a deliberate attack and affirm that the most sensitive network, named Sicmar, was not affected by the worm that attacked only non-secured internal networks. Among them, the Intramar French Navy network, that was immediately isolated. However a certain number of computers were infected and on Jan 15 and 16, Navy’s Rafale could not depart since they were not able to download their flight plans. The French newspapers stressed that the Marine Nationale was not the only one to be hit by the virus: at the beginning of January 2009, the British Defence Ministry was atteacked by a version of the virus that infected some 24 RAF bases and 75% of the Royal Navy fleet, Ark Royal aircraft carrier comprised! Information Security is a driver of flight operations (and improves Aviation Safety).

French Navy picture
© Marine Nationale
About David Cenciotti 3818 Articles
David Cenciotti is a freelance journalist based in Rome, Italy. He is the Founder and Editor of “The Aviationist”, one of the world’s most famous and read military aviation blogs. Since 1996, he has written for major worldwide magazines, including Air Forces Monthly, Combat Aircraft, and many others, covering aviation, defense, war, industry, intelligence, crime and cyberwar. He has reported from the U.S., Europe, Australia and Syria, and flown several combat planes with different air forces. He is a former 2nd Lt. of the Italian Air Force, a private pilot and a graduate in Computer Engineering. He has written four books.