The memory sticks were scattered in a washroom at a US military base in the Middle East that was providing support for the Iraq war.
They were deliberately infected with a computer worm, and the undisclosed foreign intelligence agency behind the operation was counting on the fallibility of human nature. According to those familiar with the events, it calculated that a soldier would pick up one of the memory sticks, pocket it and – against regulations – eventually plug it into a military laptop.
It was correct.
The result was the delivery of a self-propagating malicious worm into the computer system of the US military's central command – Centcom – which would take 14 months to eradicate.
That attack took place in 2008 and was acknowledged by the Pentagon only this August. It was strikingly similar to the recently disclosed cyber attack on Iran's nuclear facilities using the Stuxnet worm, which also appears to have used contaminated hardware in an attempt to cripple Iran's nuclear programme.
To read the rest of the article, click here.