backtop


Print 37 comment(s) - last by Darkk.. on Nov 26 at 12:25 AM

Government bans use of flash drives and begins to collect them after undisclosed virus plagues computers

Pentagon officials admitted an undisclosed virus has hit some Pentagon and DoD computers, which has forced officials to confiscate flash drives and ban the use of external hardware drives until further notice.

"We are aware of a global virus for which there are some public alerts on," said Pentagon spokesperson Bryan Whitman.  "And we've seen some of this on our networks.  And we're taking steps to identify and mitigate the virus."

Pentagon officials did not disclose which virus has infected government computers, or whether or not it has spread to classified computer networks.

The Pentagon computer network is made up of around 17,000 networks and seven million individual computers.  Pentagon computers are scanned for weaknesses millions of times each day by foreign computer users, Pentagon officials admitted.  

A November 17 Air Force internal memo issued the "immediate suspension" of flash drives used on any computer hooked up to both classified and unclassified computer networks.  The mandatory collection of USB flash drives is underway, with the possibility the drives will not be returned to their owners after the security check is complete.

China has been ruled out as the source of the Pentagon's latest security issue; although it's possible Russia or attackers from another Eastern European nation are involved in the security breach.

There's a growing concern of foreign-based computer attackers, especially from Chinese and Russian attackers, who have reportedly attacked computers in the United States, United Kingdom, France, and other nations.  The attacks normally are to help gain access to classified information and to test government security in an effort to better coordinate larger scale attacks in the future.  

The Department of Homeland Security (DHS) also has created new rules for DHS employees who attempt to use portable storage devices and flash drives connected to work computers.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

Days ago
By rdeegvainl on 11/24/2008 4:41:25 AM , Rating: 1
This was on mainstream media last week.




RE: Days ago
By Jedi2155 on 11/24/2008 4:42:43 AM , Rating: 3
As I don't check mainstream media very often, I am glad that DailyTech decided to report this.


RE: Days ago
By nosfe on 11/24/2008 4:45:24 AM , Rating: 2
haven't watched tv in months and i feel soooo bad about it heheheh


RE: Days ago
By Jedi2155 on 11/24/2008 4:47:21 AM , Rating: 5
No reason to watch TV when you have the Internet :).

Have not been watching TV regularly since 2002 :).


RE: Days ago
By rdeegvainl on 11/24/2008 4:57:11 AM , Rating: 2
me either, it plays in the background at the chow hall and the gym, and this particular event was EVERYWHERE!!!


RE: Days ago
By afkrotch on 11/24/2008 5:41:33 AM , Rating: 3
Why watch TV, when you can download the tv show without commercials.


RE: Days ago
By IceBreakerG on 11/24/2008 8:34:40 AM , Rating: 2
I don't know if you've noticed, but it seems like the commercials "are the show" now. So in essence, if you download the show without them, you'll be missing on on the most important part!


RE: Days ago
By spluurfg on 11/24/2008 9:24:05 AM , Rating: 2
Also I don't think dailytech has quite the same budget so I think I can forgive them


RE: Days ago
By murphyslabrat on 11/24/2008 9:40:56 AM , Rating: 2
I am sure that the headline for the story was something like, "Unidentified nation launches a cyber assault on the Pentagon" or some other sensationalist thing like that.


RE: Days ago
By marvdmartian on 11/24/2008 10:38:29 AM , Rating: 2
Um, yeah.....old news!

http://blog.wired.com/defense/2008/11/army-bans-us...

For those interested, this includes not only jump drives, but also usb interfaced hard drives and even digital cameras. This is a nasty little worm, from what I hear!

Really sad, though. The government runs a half crippled version of windows xp (soon to go to vista, though why I'll never understand!), blocks all sorts of websites due to objectionable content, blocks spam e-mails (so no clicking on ads for ED drugs, etc, like someone below thought)..... yet they still have problems with crap like this worm! I get a kick out of it, since the week before, they told everyone to stop putting recorded media in their cd drives, and I'd bet that's where they thought the worm originated from. Yeah, I'm sure my Christmas mp3 disk has all sorts of nasty viruses on it! ;)


RE: Days ago
By Alexstarfire on 11/24/2008 1:27:28 PM , Rating: 2
So memory cards are still legit then? Cause I could just use my phone then. Course the government agents should be better trained for technology. It affects them the most.


RE: Days ago
By Spuke on 11/24/2008 3:37:31 PM , Rating: 2
Memory cards are banned too.


RE: Days ago
By marvdmartian on 11/24/2008 3:46:10 PM , Rating: 2
Even rewriteable optical disks (cdrw & dvdrw). Since all the floppy drives in use anymore are usb.....guess what? Yeah, not even floppy drives!


Peopleware is still the main problem
By rbfowler9lfc on 11/24/2008 6:13:43 AM , Rating: 5
What's the point on banning pen drives if people are still willing to pass on dozens of chain e-mails about missing children, ch3ap c1ali5 and deliberately clicking on links because their CitiFinancial account must be renewed or the IRS are after them?

Buy these people new brains, that'll solve the problem.




RE: Peopleware is still the main problem
By Regs on 11/24/2008 8:47:39 AM , Rating: 2
That's true. Though at least e mails and web browsing can be controlled and regulated internally. USB drives can travel from one station to the next and can spread a virus through mutliple hubs like wild fire.


RE: Peopleware is still the main problem
By foolsgambit11 on 11/24/2008 9:37:29 AM , Rating: 2
And, although it was already against the rules to use them on both networks, USB drives could transmit the virus from the unclassified to the classified network. Just because it's against the rules and incredibly dangerous doesn't mean somebody won't do it. But if they don't have access to the thumb drive in the beginning, they can't do something stupid.


RE: Peopleware is still the main problem
By Spivonious on 11/24/2008 9:57:35 AM , Rating: 2
Didn't the antivirus software scan the flash drive when it was inserted? I don't understand how a virus could make its way into the Pentagon networks.


RE: Peopleware is still the main problem
By retrospooty on 11/24/2008 11:02:37 AM , Rating: 2
A lot of AV software is crap. They don't all always work - especially if its a relatively new Virus. Also, alot of times they will detect the Virus, but be unable to clean it.


RE: Peopleware is still the main problem
By Spuke on 11/24/08, Rating: 0
RE: Peopleware is still the main problem
By foolsgambit11 on 11/24/2008 3:18:22 PM , Rating: 2
I'm pretty sure (not 100%, but it seems to me I remember it this way) that classified networks don't have AV software on them. The assumption being that you can't get a virus if every user and every program is completely trusted....


By rdeegvainl on 11/24/2008 3:35:02 PM , Rating: 2
im pretty sure, YOU ARE WRONG


By Spuke on 11/24/2008 3:38:26 PM , Rating: 2
It's not just classified networks.


Banned USB?
By DjiSaSie on 11/24/2008 6:35:00 AM , Rating: 4
At our office, we have banned UFD long time ago ... Why it took a long time for a "Military headquarters" to do the same?
Maybe because of a super virus, that completely undetectable on access, a super rootkits?




RE: Banned USB?
By wideout on 11/24/2008 7:40:14 AM , Rating: 2
I work for a different branch of the government, Department of the Treasury, and they just recently allowed the use of USB Flash Drives. Though, their concern was more about encryption of data put on the flash drive as opposed to viruses.

If the US Government really wanted to embrace USB Flash Drive technology, they should severely punish anybody who misuses it (spreads a virus, looses the drive, etc). I mean, that is pretty much how they pretty much solved stupid chain e-mails and reply to all e-mails inside the government. If you enforce a punishment, either the stupid people will be fired, leave, or learn to behave.


RE: Banned USB?
By jonmcc33 on 11/24/2008 7:59:45 AM , Rating: 4
They should lock their systems down with Group Policy and only allow authorized users with issued USB flash drives to use them. That would resolve this issue.

When I was in the USAF nobody was allowed to plug their personal PDA's in at all or anything. Local admin rights were removed from everyone so nobody could install hardware or software.

Of course thumb drives weren't as cheap or popular back then either.


RE: Banned USB?
By Alexstarfire on 11/24/2008 1:30:55 PM , Rating: 2
But my phone doesn't need to be installed to use it as a mass storage device. I think the same can be said about flash drives too.


autorun feature
By kslavik on 11/24/2008 11:33:02 AM , Rating: 2
The problem with this particular virus is an autorun feature for the USB devices and removable hard drives. Once the Flash drive is inserted into the drive "autorun.exe" file would be executed by OS and virus would copy itself to the hard drive with couple of modifications to the registry. Another problem is when you click on the USB device from file explorer it would execute autorun as well instead of just going to the drive and displaying its content.

Original problem lays with Microsoft and its DEFAULT behavior to blindly run something from CD or from the USB drive without user notification or confirmation.

The second problem is with the government failure to disable this autorun functionality by group policy enforcement. So, now instead of fixing the headache they will remove the head instead.

I had the similar virus on my computer just couple of days ago, so it took me about 10 minutes to clean it up manually and change this default behavior to not run crap from USB devices when they are inserted.




RE: autorun feature
By sieistganzfett on 11/24/2008 6:12:21 PM , Rating: 2
the final solution would be a limited user account with a software restriction policy. it can be done on any business OS like 2000/xp pro or vista business/ultimate.

1. any virus can't run since its a program trying to launch from a location not explicity allowed (allow only windows and program files in the policy)
2. virus can't copy itself to windows and program files directory since it does not have administrative rights and that is required to write there.

it stops people from running crap from who knows where and crap running on its own like the autorun or closing websites executing an virus installer. (i allow lnk files and dlls, since every shortcut is a link to a program in windows ends up blocked otherwise, I forgot this my first two times and had to fix it through safemode or by a system restore, or a reg flip.


A way to stop viruses
By acer905 on 11/24/2008 10:16:36 AM , Rating: 2
If they want to be really secure, they could always ditch all networking but that would disrupt productivity... So why not simply create a brand new os with as little as, or nothing in common with any known os for their computers to use?




Headline should read:
By austinag on 11/24/2008 11:57:01 AM , Rating: 2
Pentagon adopts 3 year old SOP.




Facts For The Misinformed
By KakarotUSMC on 11/24/2008 6:25:57 PM , Rating: 2
Maybe some government agencies use Symantec, but the Marine Corps uses McAfee. Not that it's any better of course, but it's what is currently in place.

Here is the link to the MARADMIN which describes the new policy regarding removable media:

http://www.marines.mil/news/messages/Pages/IMMEDIA...

As you can see, camera flash cards are included.

I run Ubuntu at home, so I find all of this Windows security stuff annoying when I get to work and it takes 10-15 minutes for my laptop to boot through all of the security scripts.




simple solution
By CryptoQuick on 11/24/2008 10:26:22 PM , Rating: 2
just run linux lol




DUH!
By TimberJon on 11/25/2008 1:06:31 PM , Rating: 2
I expected to see at least 10+ posts with a DUH in it. Security breach much? How would such a concealable storage device be allowed anywhere within a government building?




I guess iPods are....
By Darkk on 11/26/2008 12:25:18 AM , Rating: 2
I guess they will also ban iPods as they too can be used as a removable storage device.

When I worked for a certain company a few years ago in the IT Department we had a growing concern about USB devices so we restricted the usbstor.sys file to only be accessible with an admin account. Very few people complained about it but told them in a nice way that it's our policy to protect confidential information stored on the servers and limit liability of exposing such information to the outside world.

We locked those PCs down tight and never had a problem with viruses or worms. Every e-mails are triple scanned before the recipient can read it.

It may sound like an overkill but these days social security numbers and other bits of info are worth weight in gold to identity thieves so we had to do everything we could to prevent that from happening.




Volatility:The Digital Landscape
By Floorbit on 11/24/08, Rating: -1
By Floorbit on 11/24/2008 10:23:17 AM , Rating: 2
IMO to me,at the desktop has always been much the same as handling a wet fish.


Oh yeah, ban USB Drives...
By FaceMaster on 11/24/08, Rating: -1
"The Space Elevator will be built about 50 years after everyone stops laughing" -- Sir Arthur C. Clarke











botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki