I have been informed by an insider with knowledge of this incident that the event in question was a an Army colonel that enjoyed scantilly clad women and had a slew of it on a thumb drive with a bit of unknown malware seeded on it as well. Most likely a sample retrieved either via a P2P network or picked up at a adult site. Either way, so what, a worm or code gets on to the SIPRNET now what. Well if you knew anything about worms you would know that One they propagate usually by scanning for vulnerabilities and then exploiting them. Well if nodes are the SIPRNEt are not patched for microsoft and other vulnerabilites then shame shame. Secondly even if a much of machines did get compromised on the SIPR. data stealing malware HAS TO ACTUALLY EXFIL IT TO SOME LOCATION. most likely the hard coded domains/ip addresses in the binary would be unroutable or have not gateway out to the Internet. (better not have a gateway) SIPR should be completely physically seperate.

Check out this website I came across. This guy has a few interesting ideas on how to prosecute cyber war.

www(.dot)conanthedestroyer(.dot)net

Removable media is a management problem. We (all users) have moved to this state of complacency where we use removable media to be more ‘portable’ as we relocate between various workstations and sites. The issue simply is compliance.

Systems are to be protected by various CND tools with specific configurations. The use of removable media is (was) a decision left to local authority. Local authority is responsible for the implementation of the use of this media.

Sounds like we got too lazy. Sounds like we did not follow best practices or local policies (if there was one to begin with).

This is what happens when we take CND for granted and get lazy.

How did they do it?
The PLAN obtained thousands of colorful USB Thumbdrives, loaded them with only four targeted maleware apps, dropped them in the wee hours of the morning across the parking lots of the Pentagon, State Dept. and many other DoD work places. The federal employees being the dumber than a bag of rocks category, almost to a person picked up those brightly colored fobs, pocketed them with a wonderful ‘I got something for free’ smile and inserted them into their work PC’s. Ooops!!!

The reality zone.
This would not have been a problem except the US Army, Marines and the Navy to a lessor extent are not very good about disabling AutoStart on their desktops. The USAF disabled AutoStart in 2003 as part of their Standard Desktop.
IF the Pentagon are mostly fools… The DOD brass-hats and bottoms must PUNISH ALL for their crimes of stupidity. With a nudge from all of our 3-level military and contractor NetSec/CompuSec Barbie and Ken dolls, we have a public relations fiasco and well deserved derision.
Therefore the ban on all USB Thumbdrives and other types of removable media. Whereas dozens of worse Windows computer security nightmare issues are allowed to languish without resolution or mitigation. My favorite is the must save money at all costs stupidity that permits contracting out key security duties while allowing the contractors to summer hire green carded foreign students and giving them Network/Domain Administrator Privileges when they won’t grant even local-machine Admin. privileges to a long-time Federal Engineer or Scientist with a Top Secret clearance.

Riddle me this batmen and girls? How does a ban on USB Thumbdrives solve the problem of fools and idiots inserting a foreign-unknown source USB Thumbdrives into government computers?

My hat is off to the Reds for a successful op. Although at the same time I wish that we could catch them all and hang them… As for all of the Forrest Gumps with stars and chickens on their shoulders at the Pentagon, how much you wanna bet that none of these bricks (as in dumber than) suffer for this fiasco? As for the pallet of bricks at Foggy Bottom, well the name “State Department” is a synonym for “foolish”.

quote
I understand why the DOD banned the USB devices as a emergency defense move however they can and should do the following moves.
The DOD should instruct their admins to push a script to scanner any USB device that connects to the computer to stop any virus. The other thing is to push a script to encrypt any data placed on the USB device.
IT security personnel need to start thinking out of the box.
unquote

To quote Forrest Gump, “Stupid is as stupid does, sir”.

These organizations or individuals are testing our networks for cracks in the system to shut down the most secure and sensitive networks protecting our country.

The DOD should be recruiting more Geek-mo’s in its ranks.

With the USB ports disabled, we cannot connect intermittent devices like bar code scanners or digital cameras used in our daily work. Worse, we must keep all files we expect to use either on our computers or on the file server, even files with personal data like performance appraisals. Which is more secure from hackers, removable media in my pocket or the files stored on a computer?

I think the Pentagon and StratCom need to concentrate on Bush’s wars and stop the disinformation, propaganda and fear-mongering of the unpopular Bush administration. Oh and hey, StratCom…the American people are NOT the enemy.

When, oh when will there be a uniform set of rules across the spectrum.