http://www.wired.com/dangerroom/2010/02/hackers-troops-rejoice-pentagon-lifts-thumb-drive-ban/ By Noah Shachtman Danger Room Wired.com February 18, 2010 Soldiers, you are now cleared to use your thumb drives again. U.S. Strategic Command has lifted its ban on the tiny drives, memory sticks, CDs and other "removable flash media" on military networks. The repeal, first reported by InsideDefense.com, may be good news for troops, who depend on the drives to move data in bandwidth-starved locations. But it may be good news for hackers, too. The original network security concerns which prompted the ban haven’t really been addressed, one Strategic Command cyber defense specialist tells Danger Room: “Not much changed. StratCom simply does not have the support to enforce such a ban indefinitely.” StratCom prohibited the drives’ use back in November 2008 after the Agent.btz virus began working its way through military networks. A variation of the “SillyFDC” worm, Agent.btz spreads by copying itself from thumb drive to computer and back again. Once on a PC, “it automatically downloads code from another location. And that code could be pretty much anything,” iDefense computer security expert Ryan Olson said at the time. There was also talk that such infections might be deliberate attacks on the Defense Department’s networks. The ban was billed in one StratCom e-mail as a way to counter “adversary efforts to penetrate, disrupt, interrupt, exploit or destroy critical elements of the GIG” [Global Information Grid]. Jim Lewis, with the Center for Strategic and International Studies, told 60 Minutes last November that “some foreign power” infiltrated the classified network of U.S. Central Command through the use of “thumb drives.” (Later, Lewis said he did not have direct knowledge of the incident.) [...] ________________________________________ Did a friend send you this? From now on, be the first to find out! Subscribe to InfoSec News http://www.infosecnews.orgReceived on Fri Feb 19 2010 - 02:05:20 PST
This archive was generated by hypermail 2.2.0 : Fri Feb 19 2010 - 02:12:26 PST