Mailinglist Archive


U.S. Government Contractor Injects Malicious Software into
From:Joe Klemmer
Date: Sun, 22 Apr 2007 14:08:18 -0400

U.S. Government Contractor Injects Malicious Software into Critical
Military Computers
Bruce Schneier April 13, 2007

This is just a frightening story. Basically, a contractor with a top
secret security clearance was able to inject malicious code and sabotage
computers used to track Navy submarines.

Yeah, it was annoying to find and fix the problem, but hang on. How is
it possible for a single disgruntled idiot to damage a
multi-billion-dollar weapons system? Why aren't there any security
systems in place to prevent this? I'll bet anything that there was
absolutely no control or review over who put what code in where. I'll
bet that if this guy had been just a little bit cleverer, he could have
done a whole lot more damage without ever getting caught.

http://www.schneier.com/blog/archives/2007/04/us_government_c_1.html