Date of report
  • November 2008
Agent.btz was malicious software designed to steal documents from classified and unclassified U.S. military networks in 2008. A flash drive infected with Agent.btz was reportedly inserted into a laptop at a U.S. military base in the Middle East, and from there the worm spread undetected to U.S. computers at the Department of Defense and in combat zones. Russia is suspected of being behind the incident. Once the compromise was detected, it took fourteen months to remove Agent.btz from the Pentagon’s networks and the incident triggered a departmental ban of USB drives. Agent.btz was a significant breach of U.S. military systems, and the vulnerabilities it exposed ultimately led to the creation of U.S. Cyber Command, a military command with the mission of defending Department of Defense networks and conducting offensive cyber operations for the U.S. military.
Suspected victims
  • United States
  • Italy
  • Poland
  • United Kingdom
  • Russia
  • Kazakhstan
  • Latvia
  • Ukraine
  • Spain
  • Germany
  • Lithuania
Suspected state sponsor
  • Russian Federation
Type of incident
  • Espionage
Target category
  • Military
  • Private sector
Victim government reaction
  • Unknown
Suspected state sponsor response