Five ways to avoid the same fate
[posed by removable media malware]
- Date: August 27th, 2010
- Author: Chad Perrin
Defense Secretary Lynn has been discussing a 2008 compromise of U.S. military network security by a foreign intelligence agency. The DOD is taking measures to protect itself. You should do the same.
The Washington Post reports in Defense official discloses cyberattack:
The most significant breach of US military computers was caused by a flash drive inserted into a US military laptop on a post in the Middle East in 2008.
A foreign intelligence agency managed to place malware on a USB flash drive that was later plugged into the US military laptop, infecting it. From there, the infection made its way onto a U.S. military Central Command network. According to Defense Secretary William J. Lynn III:
“That code spread undetected on both classified and unclassified systems, establishing what amounted to a digital beachhead, from which data could be transferred to servers under foreign control.”
“It was a network administrator’s worst fear: a rogue program operating silently, poised to deliver operational plans into the hands of an unknown adversary.”
With the growth of widespread network-delivered malware infections in today’s almost universally connected world, it can be easy to forget that sometimes the old methods are still effective. In the 1990s, people who used computers on a regular basis were much more cognizant of the potential danger of viruses that could move from computer to computer via removable media like floppy disks.
How to avoid removable media malware
- Disable AutoRun
- Implement restrictive removable media policy
- Check all removable media on a secured system before
- Choose to ban all removable media
- Implement the basics
No comments:
Post a Comment