French Navy (Marine Nationale) has recently admitted that the Conficker worm struck some important systems preventing operative units to download their flight plans as databases were infected. Even if warnings about the risk of being attacked by the virus had been issued in October 2008, the French military authorities did not install the required security patches on their Windows systems, issued by Microsoft on Oct. 15, 2008. Conficker targets the Microsoft Windows operating system and exploits a known vulnerability in the Windows Server service used by Windows 2000, WinXP, Vista, Windows Server 2K3 and Windows Server 2K8. When executed, the worm disables some system services (as the Win Update, the Security Center and the Personal Firewall), then connects to a server to download other malware, to gather information stored in the computer or to propagate to another target. According to the information released by the French military, the proliferation of the worm caused the loss of Availability but did not cause loss of data Integrity or Confidentiality. As a consequence of Conficker proliferation, the Marine Nationale had to cut the communication links and to use telephone, fax and post to communicate. A USB drive is suspected to be the media used by Conficker to enter the French internal networks. French officials believe it was not a deliberate attack and affirm that the most sensitive network, named Sicmar, was not affected by the worm that attacked only non-secured internal networks. Among them, the Intramar French Navy network, that was immediately isolated. However a certain number of computers were infected and on Jan 15 and 16, Navy’s Rafale could not depart since they were not able to download their flight plans. The French newspapers stressed that the Marine Nationale was not the only one to be hit by the virus: at the beginning of January 2009, the British Defence Ministry was atteacked by a version of the virus that infected some 24 RAF bases and 75% of the Royal Navy fleet, Ark Royal aircraft carrier comprised! Information Security is a driver of flight operations (and improves Aviation Safety).
Previous debriefings: Archive My Day 30 debrief, with some simple statistics about the number of air strikes conducted by NATO in Libya, opened a debate with the readers of this blog and Twitter followers. Someone […]
Close encounters between U.S. Navy F-4 Phantom fighter jets and Soviet Tu-95 Bear bombers were frequent in the skies near aircraft carriers around the world. A collection of shots taken by the U.S. planes, can […]
The NOTAM below, issued for LIRR (Roma ACC), is one of a series which testifies the presence in the Mediterranean Sea of the USS Enterprise. The “Big E” will be conducting blue waters ops between […]