threatpost | Chris Brook | THREATPOST:EDD3DB70A16170A79D13AA84899BF5B3
History: Jun 30, 2011 - 9:47 p.m.

Buckshot Yankee


Then-U.S. Deputy Secretary of Defense William J. Lynn III called it “the most
significant breach of U.S. military computers ever” and “a network administrator’s worst
fear” when, in 2008, a silently operating, rogue program infiltrated classified
U.S. military networks. The infection began at a base in the Middle East when
an infected flash drive was inserted into a military laptop and subsequently
uploaded malware onto a network controlled by U.S. Central Command. The Trojan,
dubbed “agent.btz,” was reportedly a variant of the older and better-known
‘SillyFDC’ worm that was coded to replicate itself when the media storage
device it was stored on was plugged into a computer. It created what Lynn said amounted
to a ‘digital beachhead,’ from which classified and unclassified data was then
transferred to foreign-controlled servers. The response to this incident,
codenamed “Buckshot Yankee,” included an initial all-out ban on removable
storage devices (that was eventually lifted) and the creation of the U.S. Cyber
Command. It took more than a year to completely remove all infections from the
network. The source of the attack is still unknown.