Secure USB Drive

Military Bans Use of USB Drives After Worm Infection

23 ,November, 2008 From Joan Hawardson

Last week, Wired began reporting that the US Army has banned the use of USB drives after a worm that spreads by copying itself to thumb drives or other removable media infiltrated Army networks.

It’s not the first time malware has been spread through this vector. In May, 2007 the SillyFD-AA worm spread by copying itself onto removable media such as USB flash drives, then automatically running when that drive was connected to a PC. The following month, the LiarVB-A worm surfaced. Like the SillyFD-AA worm, it too spread by copying itself onto removable drives such as USB flash drives and running as soon as the device connected to a PC.

And more recently, in August 2008, NASA made headlines after the TGammima.AG worm infected a computer on the International Space Station. And how did it get there? Via a USB flash drive.

Attackers have been consistent about one thing - always looking for the next attack vector. USB drives are easy targets given that they are small enough to easily plug into computers. Also, such a threat can bypass the other security measures and organization has taken to mitigate malicious code.

These incidents point to the possibility that USB drives are becoming a more popular propagation method. April 2008 Information Security Breaches Survey by PricewaterhouseCoopers and the UK Department of Business, Enterprise, and Regulatory Reform (BERR) underscores the relevance of this concern, pointing out that two-thirds of UK companies allow employees to remove data on unsecured USB sticks.

If that is the case, organizations need to deploy USB security at multiple tiers by extending their endpoint security strategy to include USB drives. The most effective tools deploy hardware-based USB encryption and password protection, along with virus scanning. SanDisk recently announced an antivirus engine from McAfee is now available on its Cruzer Enterprise secure USB flash drives.

Over the next week, more details are likely to emerge about the US Army incident. For most organizations, completely banning USB flash drives inhibits the mobility of end users. USB drives can be productivity-enhancing, but the risk of malware infection must be mitigated with tiered security.

Tags: Anti-Malware, Military USB Ban, USB Security
|

Publish a Comment

Get RSS Feed

Recent Posts

Tags
Add new tag Anti-Malware confidential data Cruzer Enterprise Cruzer Enterprise drives data breach data breaches Data encryption data leaks data loss data losses Data Protection Regulations Data Security data security features data security standards encryption on thumb drives external memory devices Internet Security Threat IT security Malware malware attacks mandatory encryption of malware attacks scanning for malware secured mobile usb secure flash drive Secure portable storage secure USB Secure USB Drive Secure USB Drives secure USB Flash Drive Secure USB Flash Drives Security News security risk sensitive data sensitive information thumb drive thumb drives USB drives USB encryption USB flash drive loss USB flash drives USB memory sticks USB Security USB thumb drives