A 2008 cyber attack by an unnamed foreign intelligence service led to an infected flash drive being inserted into a U.S. military laptop on a post in the Middle East in 2008.
In a piece being published in the journal Foreign Affairs, Deputy Defense Secretary William J. Lynn offers what appears to be the the first public confirmation that a foreign intelligence agency ever penetrated the U.S. military's computer networks. In reaction to the breach, the Defense Department subsequently banned the use of flash drives in 2008. That policy has since been changed.
"That code spread undetected on both classified and unclassified systems, establishing what amounted to a digital beachhead, from which data could be transferred to servers under foreign control," Lynn is quoted in the Washington Post, which got an advance copy of the Foreign Affairs article. "It was a network administrator's worst fear: a rogue program operating silently, poised to deliver operational plans into the hands of an unknown adversary."