Duffel Blog

Ransomware takedown of DTS went unnoticed for years

Approved expense reports would have raised more suspicions.

Jul 16, 2021

By W.E. Linde

WASHINGTON — A newly-released report from the Pentagon has found that the Defense Travel System, the automated travel scheduling and payment system used by military personnel for over 15 years, was taken down approximately 5 years ago by a ransomware attack from foreign cybercriminal hackers. As of the release of the report, hardly anyone had noticed.

“Most of us just figured we weren’t getting paid because the system is notoriously buggy,” said Master Sgt. Ken Gates, an Air Force instructor who travels frequently. “But now they’re saying it’s because an Eastern European hacker group seized critical data and wants to be paid by the government before they release it? Yeah, well, stand in line, dudes.”

The review of DTS was part of a series of Pentagon-wide audits which started in 2017. Of the three audits so far, the Pentagon has not passed a single one.

“So we figured, well, that’s life!” said Col. Thomas Mallory, of the Defense Finance Accounting Service. “DTS is a mess, just like the rest of our finances. C’est la vie!”

This sentiment was shared all through the ranks.

“I had the hardest time scheduling my flight and lodging for TDY about six months ago,” said Maj. Jennifer McClain, an Army intelligence officer. “About a week after I submitted my voucher, I got a message saying that I will never see a penny until the U.S. quits supporting Israel. I thought it was just being honest that my approving officials would never do their jobs. It was kind of refreshing.”

Capt. Daniel Tayler accompanied Maj. McClain on that TDY. “I had uploaded receipts for my hotel and flight,” Tayler said. “Two weeks later, I was informed by DTS to ‘reload those receipts, you bitch. You still won’t get money.’ I was impressed that the system wasn’t pretending to want to help me anymore.”

A review of the messages issued by the foreign cybercriminals responsible shows that, at first, they grew increasingly frustrated with not being noticed.

“Your hotel and rentals are now canceled,” read one message. “You can blame your homicidal government for meddling in the Middle East for this! Are you even listening?” But within the last few months, that anger changed to frustration, and then concern.

“How do you live like this?” the hackers recently asked Air Force Staff Sgt. Daniel Kane, after payment for his TDY to NCO academy was delayed for a third time. “We can maybe float you a loan, if you need it.”

Once the ransomware takedown was detected, Pentagon finance teams sprang into action.

“We submitted an authorization request for a TDY to Congress so we could ask for money to fix it,” said Col. Mallory. After a few moments of refreshing his screen, he sighed. “It’s not approved yet.”

W.E. Linde (aka Major Crunch) writes a lot. Former military intelligence officer, amateur historian, blogger/writer at DamperThree.com. Strives to be a satirist, but probably just sarcastic. Twitter @welinde. As for Class contributed to this report.

5 Comments

Carl
Jul 16, 2021

Are you sure? DOD still owes me travel, rental car and lodging expenses from 1985 and we were still in pen and paper back then. Last year they asked for copies of my receipts for a stay at La Quinta at Killeen, Texas for a mission I did during Bill Clinton's first administration.

LA Enck
Jul 16, 2021

“How do you live like this?” the hackers recently asked Air Force Staff Sgt. Daniel Kane, after payment for his TDY to NCO academy was delayed for a third time. “We can maybe float you a loan, if you need it.”

Sounds like there’s a connection between off-base predatory lenders and cyberterrorism!
