The control systems for the US Air Force’s Predator and Reaper drones at Creech Air Force Base in Nevada have been infected by a persistent computer virus, one that appears to resist being removed. The virus appears to be a simple keylogger virus — a program that records the keystrokes of the person using the infected computer — so it doesn’t interfere with the actual flight operations of the pilots, but multiple attempts to remove the infection have proved to be fruitless — and the origin of the invasive program also remains unknown.
"We keep wiping it off, and it keeps coming back," according to a source familiar with the situation. "We think it’s benign. But we just don’t know."
The specialists working on the problem can’t tell if their systems were deliberately targeted for the infection, or if the virus wound up on them by happenstance. The virus has been found on both classified and unclassified computers at Creech, leaving open the possibility that sensitive data may have been recorded by the virus, and transmitted back over the (very public) internet to the infection’s masters.
Creech AFB’s ground control stations (GCS) are not connected to the internet, to eliminate the possibility of information from classified missions being transmitted to unauthorized parties. Instead, removable hard drives are used to move data, such as map updates and mission videos, between the control stations and the base’s network.
Suspecting that this was how the virus found its way onto the GCS stations, Creech’s technicians first tried removing the virus from the drives using antivirus programs, but it kept finding its way back onto the devices, forcing them to resort to formatting the drives and reprogramming them from scratch.