Military ban against USB drives partially lifted

Share this article:
After a more than yearlong ban, USB drives and other removable media devices may now be used on military networks under “very specific circumstances and guidelines,” according to the U.S. Strategic Command.

“This is not a return to business as usual," Vice Adm. Carl Mauney, deputy commander of the U.S. Strategic Command, told SCMagazineUS.com in an email on Friday. “There remain strict limitations on using these devices.”

The U.S. Department of Defense (DoD) originally banned USB drives and other removable media devices in November 2008, after a worm infiltrated Army networks. A variation of the worm, W32.SillyFDC, was targeting thumb drives and other removable media and spreading through military networks. To stop the infection, all removable storage devices — including USB drives, external hard drives, cameras and some printers — were prohibited on all military networks.

The order to partially lift the ban came last week from Gen. Kevin Chilton, commander of the U.S. Strategic Command, and is applicable to all DoD information systems, Mauney said. Under the order, removable devices should only be used as a “last resort” when it is necessary to carry out a mission and there is no other way to transfer data.

Also, only government-procured and owned devices will be allowed. Personally owned devices will continue to be prohibited.

“After extensive testing of mitigation measures, DoD decided to make this technology available again on a strictly controlled basis on DoD computers,” Mauney said. “Since the order restricting use of removable media, DoD developed capabilities and processes that allow safe use of these devices.”

Removable media devices, which also include most cell phones and all MP3 players, have their benefits and their drawbacks, said Frank Kenney, vice president of global strategy at network monitoring and file transfer software vendor Ipswitch.

They allow employees to be productive and to access the data they need, when they need it, he said.

“Yet as more people become reliant on these devices, they are exposing themselves to huge potential gaps, where the intelligence of a business or organization can be seriously compromised,” Kenney said.

Military network administrators can monitor and audit activity on DoD networks, including files that may be introduced through removable devices, Mauney added. The DoD regularly monitors its networks for intrusions and has procedures in place to address threats, he said.

Share this article:

Sign up to our newsletters

More in News

Carbon Grabber crimeware kit being distributed in spam campaign

A spam campaign involving the Carbon Grabber crimeware kit is ongoing against the automotive industry in Europe, according to Symantec.

Errors in ZeroLocker means paying ransom may not decrypt files

A piece of ransomware known as ZeroLocker contains various errors that may prevent files from being decrypted even if the ransom is paid.

Rogue AV scammers find success with new tatics

Although the number of rogue anti-virus malware campaigns have decreased overall, the threat isn't totally gone, according to researchers at Microsoft.