Army Says 'WannaCry' Malware Didn't Infect Its Computers

FacebookXPinterestEmailEmailEmailShare

The U.S. Army on Wednesday disputed a report that some of its computers were infected by the "WannaCry" ransomware attack.

The website CyberScoop initially reported the malware struck Army Research Laboratory computers at Fort Huachuca in Arizona.

But Charlie Stadtlander, a spokesman for U.S. Army Cyber Command at Fort Belvoir in Virginia, said that wasn't the case.

"There is no malware on any system in Arizona," he said in a telephone interview with Military.com.

While he acknowledged that an IP address belonging to a server at the base appeared on a list of addresses associated with the malware, Stadtlander said, "There wasn't an infected machine. There wasn't a victim of the ransomware."

Rather, he said, the server was researching the code and as a result recorded "observable traffic."

"That Army instance under discussion was nothing but a network defense," he said.

%embed1%

Even so, the service has launched a massive review of its more than 1 million machines running versions of the Windows operating system to ensure the computers aren't affected by the bug, Stadtlander said.

It wasn't clear whether that work is taking place on both the Non-Classified Internet Protocol Router Network, or NIPRNet, for unclassified information and the Secret Internet Protocol Router Network, or SIPRNet, for classified information.

In a ransomware attack, malicious code penetrates a computer and disables the machine or certain functionality until a user pays the hacker a ransom.

In this case, the malware targeted software gaps first identified in NSA hacking tools that were leaked online and quickly infected computers in more than 100 countries around the globe. The attack was one of the biggest of its kind -- affecting everything from surgeries in Britain to train stations in Germany.

President Donald Trump's budget blueprint for fiscal 2018 doesn't include a top-line figure for federal cybersecurity spending, but vows major cyber investments to improve security on government networks.

Story Continues
Army DefenseTech News