Print 37 comment(s) - last by Darkk.. on Nov 26 at 12:25 AM

Government bans use of flash drives and begins to collect them after undisclosed virus plagues computers

Pentagon officials admitted an undisclosed virus has hit some Pentagon and DoD computers, which has forced officials to confiscate flash drives and ban the use of external hardware drives until further notice.

"We are aware of a global virus for which there are some public alerts on," said Pentagon spokesperson Bryan Whitman.  "And we've seen some of this on our networks.  And we're taking steps to identify and mitigate the virus."

Pentagon officials did not disclose which virus has infected government computers, or whether or not it has spread to classified computer networks.

The Pentagon computer network is made up of around 17,000 networks and seven million individual computers.  Pentagon computers are scanned for weaknesses millions of times each day by foreign computer users, Pentagon officials admitted.  

A November 17 Air Force internal memo issued the "immediate suspension" of flash drives used on any computer hooked up to both classified and unclassified computer networks.  The mandatory collection of USB flash drives is underway, with the possibility the drives will not be returned to their owners after the security check is complete.

China has been ruled out as the source of the Pentagon's latest security issue; although it's possible Russia or attackers from another Eastern European nation are involved in the security breach.

There's a growing concern of foreign-based computer attackers, especially from Chinese and Russian attackers, who have reportedly attacked computers in the United States, United Kingdom, France, and other nations.  The attacks normally are to help gain access to classified information and to test government security in an effort to better coordinate larger scale attacks in the future.  

The Department of Homeland Security (DHS) also has created new rules for DHS employees who attempt to use portable storage devices and flash drives connected to work computers.

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

autorun feature
By kslavik on 11/24/2008 11:33:02 AM , Rating: 2
The problem with this particular virus is an autorun feature for the USB devices and removable hard drives. Once the Flash drive is inserted into the drive "autorun.exe" file would be executed by OS and virus would copy itself to the hard drive with couple of modifications to the registry. Another problem is when you click on the USB device from file explorer it would execute autorun as well instead of just going to the drive and displaying its content.

Original problem lays with Microsoft and its DEFAULT behavior to blindly run something from CD or from the USB drive without user notification or confirmation.

The second problem is with the government failure to disable this autorun functionality by group policy enforcement. So, now instead of fixing the headache they will remove the head instead.

I had the similar virus on my computer just couple of days ago, so it took me about 10 minutes to clean it up manually and change this default behavior to not run crap from USB devices when they are inserted.

RE: autorun feature
By sieistganzfett on 11/24/2008 6:12:21 PM , Rating: 2
the final solution would be a limited user account with a software restriction policy. it can be done on any business OS like 2000/xp pro or vista business/ultimate.

1. any virus can't run since its a program trying to launch from a location not explicity allowed (allow only windows and program files in the policy)
2. virus can't copy itself to windows and program files directory since it does not have administrative rights and that is required to write there.

it stops people from running crap from who knows where and crap running on its own like the autorun or closing websites executing an virus installer. (i allow lnk files and dlls, since every shortcut is a link to a program in windows ends up blocked otherwise, I forgot this my first two times and had to fix it through safemode or by a system restore, or a reg flip.

"This week I got an iPhone. This weekend I got four chargers so I can keep it charged everywhere I go and a land line so I can actually make phone calls." -- Facebook CEO Mark Zuckerberg

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki