Military ban against USB drives partially lifted

Share this article:
After a more than yearlong ban, USB drives and other removable media devices may now be used on military networks under “very specific circumstances and guidelines,” according to the U.S. Strategic Command.

“This is not a return to business as usual," Vice Adm. Carl Mauney, deputy commander of the U.S. Strategic Command, told SCMagazineUS.com in an email on Friday. “There remain strict limitations on using these devices.”

The U.S. Department of Defense (DoD) originally banned USB drives and other removable media devices in November 2008, after a worm infiltrated Army networks. A variation of the worm, W32.SillyFDC, was targeting thumb drives and other removable media and spreading through military networks. To stop the infection, all removable storage devices — including USB drives, external hard drives, cameras and some printers — were prohibited on all military networks.

The order to partially lift the ban came last week from Gen. Kevin Chilton, commander of the U.S. Strategic Command, and is applicable to all DoD information systems, Mauney said. Under the order, removable devices should only be used as a “last resort” when it is necessary to carry out a mission and there is no other way to transfer data.

Also, only government-procured and owned devices will be allowed. Personally owned devices will continue to be prohibited.

“After extensive testing of mitigation measures, DoD decided to make this technology available again on a strictly controlled basis on DoD computers,” Mauney said. “Since the order restricting use of removable media, DoD developed capabilities and processes that allow safe use of these devices.”

Removable media devices, which also include most cell phones and all MP3 players, have their benefits and their drawbacks, said Frank Kenney, vice president of global strategy at network monitoring and file transfer software vendor Ipswitch.

They allow employees to be productive and to access the data they need, when they need it, he said.

“Yet as more people become reliant on these devices, they are exposing themselves to huge potential gaps, where the intelligence of a business or organization can be seriously compromised,” Kenney said.

Military network administrators can monitor and audit activity on DoD networks, including files that may be introduced through removable devices, Mauney added. The DoD regularly monitors its networks for intrusions and has procedures in place to address threats, he said.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

ISSA tackles workforce gap with career lifecycle program

ISSA tackles workforce gap with career lifecycle program ...

On Thursday, the group launched its Cybersecurity Career Lifecycle (CSCL) program.

Amplification DDoS attacks most popular, according to Symantec

Amplification DDoS attacks most popular, according to Symantec

The company noted in a whitepaper released on Tuesday that Domain Name Server amplification attacks have increased 183 percent between January and August.

Court shutters NY co. selling security software with "no value"

A federal court shut down Pairsys at the request of the Federal Trade Commission.