Comments on: USB devices spreading viruses

Defense Department suspends use of USB drives as experts warn of USB-related virus outbreaks.

[n3td3v]

"Meanwhile, the U.S. Department of Defense has temporarily banned the use of thumb drives, CDs, and other removable storage devices because of the spread of the Agent.bzt virus..."

There is no security through obscurity.

[Peleg72]

Obscurity? It is more like inanity.
Instead of limiting the US army personal and by that reducing the organization?s efficiency there is a solution to this "disease".
Malware is defiantly not a new threat and I wonder why any time a big organization like the US army faces such an attack, their immediate response is not reasonable.
The US Army Must maintain its mobility and also to secure its sensitive information.
SanDisk Enterprise recently released a secure USB drive with McAfee malware protection.
I read all about it in their <a href="http://www.sandisk-enterprise.com/blog"> secure USB drive blog </a>"
Thinking of it, any private person who faces malware would protect himself from why and not stopping to use his computer, right? so why not the US Army does so?
:) So guys (from the US Army) talk to SanDisk they might save you some trouble.

[DaClyde]

The continued incompetence by DoD IT people is staggering. They have piles of regulations that they refuse to enforce consistently, don't provide the training or staff in the areas that are having the most problems and are very big on ignoring preventative security policies, preferring to crack down AFTER a problem has arisen.

There's nothing that has happened on a DoD network that properly applied group policies or updated virus scanners wouldn't have caught or prevented. And nothing will change after whatever caused this crack down. This knee-jerk ban would practically cripple certain DoD projects that depend on removable media if actually enforced on all levels.

And CDs? Seriously?

[tech_crazy]

"Thumb drives aren't the only culprits; any device that plugs into a USB port--including gadgets like lights, fans, speakers, toys, even a digital microscope--can be used to spread malware, Ollmann said. "

Seriously, lights and fans? All they hook up to are the power pins in the USB connector.

[blueshore]

Partially right. Some USB hardware has some flash memory to store drivers (like the Sprint or at&t USB modem cards), Other are just using the power pins. But it makes you wonder if it is possible to infiltrate a flash memory into a fan or a light (or a mug warmer).

Revenge of the Furby?

[Mr. Dee]

The network at the institution I attended was brought to its knees because of thumb drives. The viruses kept propagating because everybody plugged in the thumb drives in every computer willy nilly. Symantec was never updated or the server was not distributing definitions properly. The server itself was brought down a few times, even when Symantec EndPoint did remove the viruses, malware and Trojans they left back residue of Administrative privileges being disabled through group policy, we had to repair it with a tool called RRT. Thumb drives when cleaned kept getting reinfected because persons laptops including mine were infected and the cycle just continued. I just came to a point where I said, I am not putting my thumb drive in any computer on campus. The only computer I did put my thumb drive in was a friends MacBook Pro and that was just for OS X. Her boot camp installation of XP even got infected, thank goodness I created a bunch of system restore points for her. So every time she got infected and Trojans disabled admin privileges I simply restored to an early point in time before the virus infected the system and created a new system restore point. I did this also for my friends XP and Vista note books. I also told them to stop plugging in the Ethernet cables in their laptops and use the wi-fi instead. A majority of the lab PC's were running Windows 2000 Professional which does not include Auto-Run like XP, but when thumb drives are plugged in they must be initialized and the vulnerabilities take advantage of that window of opportunity, so the system still gets infected. One particular worm called Brontok is known for propagation on the network and there are different variants. So even when you did catch one with your AV you still didn't catch because another variant had already been created. Its quite obvious that the problem is not Windows 2000, because even friends running Vista 64 bit with all its built in security features such as Standard Admin account, ASLR, Patch Guard, Driver Signing, Windows Defender, Firewall on and AV on top of that was still vulnerable.

[catch23]

BS. Vista running at standard user would do jack. At least nothing that will compromise the system.
Peddle your worthless FUD elsewhere.

[Mr. Dee]

catch23, I am just telling real experiences, no lies.

[alegr]

"Standard Admin"? WHat's that? Ther is Administrator and Limited User. Under UAC, Administrator session runs mostly under Restricted token, unless a process starts with elevation, which removes restriction. But this is a kludge anyway. Just use Limited User accounts.

[Penguinisto]

Heya folks - y'all do know that malware doesn't need to run under elevated privileges to operate as a zombie or as an SMTP spam-pump, right?

/P

[nopinktoday]

Pretty creepy. So now every time I plug in my PSP to my desktop, ima pray to the heavens for no Trojans.

No more Trojans mommy!

[lkrupp]

"Seriously, lights and fans? All they hook up to are the power pins in the USB connector."

That's the beauty of FUD. It doesn't have to make sense.

[Perry_Clease]

"Pretty creepy. So now every time I plug in my PSP to my desktop, ima pray to the heavens for no Trojans."

Well if a sailor was wearing a Trojan then he wouldn't spreading/getting viruses while on shore leave. :)

"My sincere apologies if I offended anyone with this lead sentence. I struggled to find an analogy that works for infections spread by physical contact and which involve mobility, and airborne medical outbreaks just didn't work."

I spent over 20 years in the US Navy and never once spread a virus. :)

For an analogy that "covers" your bases, how about; Spreading a virus like a sick kid with the flu and coughing while on a transcontinental flight.

[benjwah]

Sweden has soldiers?

[dmm]

Yeah, that's what the secret information was.

[cyberspittle]

Does this affect Linux computers? No? Hmmm.

[imacpwr]

Conveniently forgot to mention whIch OS this is affecting.....??? When is the USA government ever going to get smart and switch to a safe(r) operating system. Heck, anything would be safer than M$...!!

[celticbrewer]

Anyone care to post the link to the research showing that macs have more vulnerabilities than PCs?

I'm sure if businesses and the government switched to another OS (including Linux, cyberspittle), the malware writers would quickly churn out programs for those OSes. NOTHING that is networked or that allows peripherals is, or ever will be, totally secure. Deal with it!

[afterhours]

Picking on sailors? No offense taken -- I'm sure you could point to one or two instances where they outmatched, say, journalism students on a Saturday night, or office workers at a Christmas party, or Congressmen in the Page lounge, or...

[strongheartshadow]

I read the story and I noticed just how quick some guy was to jump on the Department of Defense.
Maybe the reader did not notice that the soldier was Swedish. They are not part of our Military!
The Tax collector was British! He's not our's either! Quite possibly the DOD is responding cautiously; that's not a bad thing..

As for brains it's good thing that person is not handling security in this country. We would be in a real mess!

[steventhompson77]

naevius usb antivirus helps protect you from viruses spreaded from USB storage devices.