Military's ban of USB thumb drives highlights security risks

The U.S. Department of Defense has banned USB drives and other removable media devices after a worm infiltrated Army networks.

“All units are not allowed to use any USB mass storage devices, which includes everything from hard drives to cameras to some printers,” an Army lieutenant told in an email on Thursday.

Wired, citing internal U.S. Army emails, first reported the story, reporting that a variation of the worm “W32.SillyFDC” was targeting thumb drives and other removable media and spreading through military networks. To stop the infection, the removable storage devices were prohibited on all military networks, including a classified one, Wired said.

Department of Defense spokesman Lt. Col. Eric Butterbaugh did not address the ban, but told that the agency aggressively monitors its networks for intrusions and regularly provides guidance about threats to its field officers and provides measures to ensure its information systems remain secure.

The military's ban on these media devices highlights a problem that every organization faces, Paul Zimski, vice president of solution strategy for endpoint security vendor Lumension, told Thursday.

“If someone loads malware on a USB drive and drops it in a parking lot, it's human nature to want to use this thing,” Zimski said. “You don't think of it as a threat.”

Another security issue with USB drives is the risk of data loss. Enterprises must be aware of what information is being copied onto the stick, how it is it being protected and what happens when that device leaves the enterprise, Zimski said.

USB infection occurs in two main ways, said a Symantec blog post Wednesday. After being installed on an already infected computer, a malicious application can copy itself onto a USB drive and look like a legitimate image or video file. A user is infected once they manually execute the file.

The other primary USB infection method is called an “autorun.inf modification,” This method uses the Windows “autorun” feature to launch the malicious file, which causes infection without any user interaction.

US-CERT issued an advisory about the increase in USB flash drive attacks and recommended users install anti-virus software and keep signatures up to date. The group also recommended that users not connect unknown or untrusted flash drives to a computer, as well as disable "autorun" or "autoplay" features for removable media.

You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters


More in News

SAFECode recommendations way to assess software security

SAFECode recommendations way to assess software security

A set of actionable recommendations released by the Software Assurance Forum for Excellence in Code (SAFECode) provides a framework for organizations to extend risk management strategies to include the security ...

Google removes 440k links under 'Right to be Forgotten' ruling

Google removes 440k links under 'Right to be ...

Google has released a report on all the data it has removed from its search results, after the Court of Justice of the European Union ruled last May that users ...

Nine percent of HTTPS hosts on the web "share the same private keys"

Nine percent of HTTPS hosts on the web ...

Stefan Viehböck, senior security consultant at SEC Consult, examined 4000 devices from 70 vendors and found widespread reuse of private keys.