Under Worm Assault, Military Bans Disks, USB Drives

Discussion in 'Community Discussion' started by fleshman03, Nov 19, 2008.

  1. fleshman03 macrumors 68000

    fleshman03

    Joined:
    May 27, 2008
    Location:
    Sioux City, IA
    #1
    Article From Wired:

    The Defense Department's geeks are spooked by a rapidly spreading worm crawling across their networks. So they've suspended the use of so-called thumb drives, CDs, flash media cards, and all other removable data storage devices from their nets, to try to keep the worm from multiplying any further.

    The ban comes from the commander of U.S. Strategic Command, according to an internal Army e-mail. It applies to both the secret SIPR and unclassified NIPR nets. The suspension, which includes everything from external hard drives to "floppy disks," is supposed to take effect "immediately." Similar notices went out to the other military services.
    In some organizations, the ban would be only a minor inconvenience. But the military relies heavily on such drives to store information. Bandwidth is often scarce out in the field. Networks are often considered unreliable. Takeaway storage is used constantly as a substitute.

    The problem, according to a second Army e-mail, was prompted by a "virus called Agent.btz." That's a variation of the "SillyFDC" worm, which spreads by copying itself to thumb drives and the like. When that drive or disk is plugged into a second computer, the worm replicates itself again — this time on the PC. "From there, it automatically downloads code from another location. And that code could be pretty much anything," says Ryan Olson, director of rapid response for the iDefense computer security firm. SillyFDC has been around, in various forms, since July 2005. Worms that use a similar method of infection go back even further — to the early '90s. "But at that time they relied on infecting floppy disks rather than USB drives," Olson adds.

    Servicemembers are supposed to "cease usage of all USB storage media until the USB devices are properly scanned and determined to be free of malware," one e-mail notes. Eventually, some government-approved drives will be allowed back under certain "mission-critical," but unclassified, circumstances. "Personally owned or non-authorized devices" are "prohibited" from here on out.

    To make sure troops and military civilians are observing the suspension, government security teams "will be conducting daily scans and running custom scripts on NIPRNET and SIPRNET to ensure the commercial malware has not been introduced," an e-mail says. "Any discovery of malware will result in the opening of a security incident report and will be referred to the appropriate security officer for action."

    "The USB ban should be effective in stopping the worm," Olson says. Asked if such a wide-spread measure was a bit of over-kill, Olson responded, "I don't know."

    "I know this [is an] inconvenience," e-mails one Michigan Army National Guardsman. "This has been briefed to the CoS [Chief of Staff] of the ARMY. This is not just a problem for Michigan, and is effecting operations around the world. This is a very serious threat and should be treated as such. Please understand that this is a form of attack, and we need to have patience in dealing with this issue."

    Link

    What do you think? Someone screwing with the military? Other Government? Or some poor guy trying to view porn off an infected thumb drive?
     
  2. iShater macrumors 604

    iShater

    Joined:
    Aug 13, 2002
    Location:
    Chicagoland
  3. Big-TDI-Guy macrumors 68030

    Big-TDI-Guy

    Joined:
    Jan 11, 2007
    #3
    When I was working in a closed area. (classified work) No phones, Ipods, USB drives - the ONLY thing that was allowed was commercial CDs. (no CDRs or DVDRs)

    I'm surprised the allowed this in the military in the first place. :eek:
     
  4. fleshman03 thread starter macrumors 68000

    fleshman03

    Joined:
    May 27, 2008
    Location:
    Sioux City, IA
    #4
    Lol. Those pretty much are the options too. But would someone be dumb or horny enough to start porn searching on a secure, top secret laptop?
     
  5. iShater macrumors 604

    iShater

    Joined:
    Aug 13, 2002
    Location:
    Chicagoland
    #5
    Maybe it started as a typo :p
     
  6. thejadedmonkey macrumors 604

    thejadedmonkey

    Joined:
    May 28, 2005
    Location:
    Pa
    #6
    Technically, doesn't this mean we can retaliate against the terrorists and bomb russia to smithereens?

    ...I'm not sure if I'm joking or not :eek:
     
  7. iShater macrumors 604

    iShater

    Joined:
    Aug 13, 2002
    Location:
    Chicagoland
    #7
    Any virus/worm/trojan is an attack, and has always been. Regardless if it infects a military or a civilian entity.
     
  8. Big-TDI-Guy macrumors 68030

    Big-TDI-Guy

    Joined:
    Jan 11, 2007
    #8
    Dear Russia:












    J/K ;)
     

    Attached Files:

  9. fleshman03 thread starter macrumors 68000

    fleshman03

    Joined:
    May 27, 2008
    Location:
    Sioux City, IA
    #9
    I know the feeling. However, I'm remembering when Russia cyberattacked Georgia via DDoS attacks. Maybe this being a Worm says something different?

    Am I paranoid??
     
  10. IJ Reilly macrumors P6

    IJ Reilly

    Joined:
    Jul 16, 2002
    Location:
    Palookaville
    #10
    What kind of an operating system has a security model so piss-poor that simply plugging a drive into the system can cause it to download and install remote code?

    Oh, that's right.
     
  11. rs7 macrumors regular

    Joined:
    Oct 24, 2008
    #11
    LOL.
     

Share This Page