Feeds

US Army bans USB devices to contain worm

Unfriendly fire

Reducing security risks from open source software

The US Army has reportedly suspended the use of USB and removable media devices after a worm began spreading across its network.

Use of USB drives, floppy discs, CDs, external drives, flash media cards and all other removable media devices has been placed on hold in order to contain the spread of Agent-BTZ, a variant of the SillyFDC worm, Wired reports. Such a temporary ban would cause inconvenience in any organisation, but for the US military it's an even more serious problem because in many locations email or online transfer of files are not viable options.

The clampdown applies to both the the secret SIPR and unclassified NIPR networks, according to internal Army emails cited by Wired. Variants of the the SillyFDC worm are capable of spreading over networks or removable media devices, infecting any Windows PC they are plugged into or any external drive connected to an infected device, for example. The malware is programmed to download secondary infectious code from the internet, establishing a conduit that might be used to download keylogging software, password-siphoning spyware or botnet agents onto compromised machines.

Army top brass are using the suspension to clamp down on the use of personally-owned or otherwise unauthorised devices on US military PCs. Government-approved drives will reportedly be allowed back onto the network soon, but not before they've been scanned and cleared of malware infection. Government security teams will be running custom scripts and daily scans for the dual purposes of making sure the ban is enforced and detecting the spread of other forms of malware, Wired adds.

The ban, which gets in the way of troops' normal work, might seem like over-kill, but without knowing the full specifics of the extent of the infection it's probably a little unfair to label it as such.

However, security experts say that actions short of an outright ban may be appropriate for organisations facing similar problems.

"We would advise that users disable the autorun facility of Windows so removable devices such as USB keys and CD ROMs do not automatically launch when they are attached to a PC," explained Graham Cluley, senior technology consultant at Sophos.

"Any storage device which is attached to a computer should be checked for virus and other malware before use. Floppy disks, CD ROMs, USB keys, external hard drives and other devices are all capable of carrying malicious code which could infect the computers of innocent users. Companies can also use technology to help prevent staff from accessing unauthorised devices like USB drives," he added. ®

Mobile application security vulnerability report

More from The Register

next story
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Microsoft: You NEED bad passwords and should re-use them a lot
Dirty QWERTY a perfect P@ssword1 for garbage websites
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
NUDE SNAPS AGENCY: NSA bods love 'showing off your saucy selfies'
Swapping other people's sexts is a fringe benefit, says Snowden
L33t haxxors compete to p0wn popular home routers
EFF-endorsed SOHOpelessly Broken challenge will air routers' dirty zero day laundry
Own a Cisco modem or wireless gateway? It might be owned by someone else, too
Remote code exec in HTTP server hands kit to bad guys
British data cops: We need greater powers and more money
You want data butt kicking, we need bigger boots - ICO
Crooks fling banking Trojan at Japanese smut site fans
Wait - they're doing online banking with an unpatched Windows PC?
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Mobile application security vulnerability report
The alarming realities regarding the sheer number of applications vulnerable to attack, and the most common and easily addressable vulnerability errors.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.