US military battling cyber threats from within and without

As if attacks from China weren't enough, one of the Air Force's own has reportedly gone rogue

The US government is fighting a pair of cyber security incidents, one involving Chinese spies who potentially gained access to crucial American computer networks and the other related to an Air Force engineer who allegedly compromised communications security by stealing sensitive equipment and taking it home.

Over the weekend it was reported by The New York Times that the White House not only fears, but is searching high and low for, malware believed to have been planted by China in critical American IT systems.

Specifically, it's thought that Beijing has buried malicious code in computer networks controlling water supplies, power grids, and communications for US military bases at home and abroad.

This is a development of a story that emerged in May: that a Beijing-backed crew dubbed Volt Typhoon was targeting US military systems. Now it's believed that the gang's intrusions are more widespread, and that the malware can be used to remotely disable or disrupt US military systems should China ever find the need.

Such as if it ever invades Taiwan and the US decides a kinetic response is appropriate.

According to the Times, Volt Typhoon's malware has been described by at least one US official as a "ticking time bomb."

In a statement, Adam R. Hodge, the acting spokesperson for the National Security Council, said "The Biden administration is working relentlessly to defend the United States from any disruptions to our critical infrastructure, including by coordinating interagency efforts to protect water systems, pipelines, rail and aviation systems, among others."

Air Force intercepted

Also over the weekend, it was reported that a US Air Force engineer stole government equipment valued at $90,000. In doing so, he compromised the communications security of 17 military facilities — and possibly the FBI as well.

According to a copy of a search warrant obtained by Forbes, the techie – who worked at the Arnold Air Force Base in Tennessee – took home radio gear and operated it with "unauthorized administrator access."

That effectively gave him a snapshot of "the entire Arnold Air Force Base communications system," it is claimed.

The Pentagon, Air Force, and FBI are investigating the security SNAFU. The Bureau is involved because it's believed the suspect may also have had access to its communications.

The Register asked the Air Force, FBI, Department of Defense, and Department of Justice for comment. We will update this story if we hear back.

During a raid on the infosec specialist's home, the Feds reportedly seized multiple USB drives with "administrative passwords and electronic system keys" for the Air Education and Training Command radio network, and others containing "local law enforcement radio programming files," plus "Motorola radio programming files." Some of the documents were marked "CONFIDENTIAL RESTRICTED."

The airman, according to the warrant, "sold radios and radio equipment, worked odd hours, was arrogant, frequently lied, displayed inappropriate workplace behavior and sexual harassment, had financial problems, and possessed [Arnold Air Force Base land mobile radio] equipment."

He had also allegedly been reported twice because colleagues worried he represented an insider threat to the military, and was in possession of unauthorized Air Force equipment. The alleged thief did not respond to requests for comment, we're told.

The claims of equipment theft come just months after Air National Guardsman Jack Teixeira was taken into custody for allegedly leaking a trove of classified Pentagon documents on Discord.

Teixeira is behind bars awaiting trial on numerous charges. In July, he asked a judge to release him, arguing that he's charged with the same federal counts as former president Donald Trump, who remains at large. ®
