Military Threatens To Court Martial Anyone Using USB Drives Or Other Removable Media

from the overreacting... dept

Apparently, one strategy the military is taking in a weak attempt to prevent future State Department cable leaks, like the one currently going on, is to ban all forms of removable media and to threaten to court martial anyone caught using USB keys or CD-Rs on machines connected to SIPRNET. Apparently this is kind of frustrating for many in the military:

One military source, who works on these networks, says it will make the job harder; classified computers are often disconnected from the network, or are in low-bandwidth areas. A DVD or a thumb drive is often the easiest way to get information from one machine to the next. “They were asking us to build homes before,” the source says. “Now they’re taking away our hammers.”

The thing is, just like TSA patdowns, this is targeting the last leak, rather than the next leak. If someone wants to leak the content, they’ll figure out a way to do so, even if they can’t stick a USB key into a computer.


Comments on “Military Threatens To Court Martial Anyone Using USB Drives Or Other Removable Media”

43 Comments
Anonphunk says:

Let me count the ways

Gee,
They’ll have to ban most anything that plugs into USB, RS232, or printer ports, laptops, wireless, infra-red, keyboards, and I suppose screens as a start. Software to set the MAC, OS fingerprint, and IP is common. The tools they need to do deep packet inspection in their firewalls are the same tools needed to redirect or copy those packets. There are trojans that copy themselves to GPUs and to network cards and can do the dirty work without the CPU or OS, and similar viruses are expected for some wireless cards too.

Good luck.

Richard Kulawiec says:

Thereby doing precisely what Assange wants them to do

Apparently this is kind of frustrating for many in the military

Anyone who has read what Assange has written about his goals for Wikileaks knows that this is precisely one of the outcomes that he was trying to produce: the disruption of internal communications and thus organizational function.

Assange 1, military 0.

Anonymous Coward says:

What is the big deal? I am surprised that the computers connected to secure servers even have USB ports or CD Burners.

The ones they use at Los Alamos don’t. My friend works on Govt. projects for Lucent A. and his secure computer doesn’t.

I would imagine that since the computers connected to SIPRNet are considered lower threat, they do.

Anonymous Coward says:

Re: Re:

It’s hard to do w/o a USB port on a computer. Everything plugs into it from the ID card scanners to the mouse.

Sometimes you have to have removable media though. Not every computer is hooked to the network and various agencies don’t necessarily have common access to the same networks. (say you’re in the Navy and you’re working with the FBI…it might not make sense to connect the FBI to the Navy’s network)

Size limits also can make it so removable media is the best way to move data.

Anonymous Coward says:

Re: Re: Re:

It’s hard to do w/o a USB port on a computer.

Not really. That’s just the old “security is inconvenient” excuse. And if you really, really have to have a USB port for something that just can’t be otherwise hardwired, in Windows and most other OS’s it can be restricted to only certain devices.

Sometimes you have to have removable media though.

Very rarely. And in those rare cases, it can be limited to specific secure devices. Not just every flash drive and disk somebody shoves in it.

You really don’t know what you’re talking about.

Frosty the Snowman (profile) says:

Wrong department...

It’s not overreacting because it’s not reacting. And it’s not targeting the last leak because such rules have been in place as long as there have been disk burners and flash drives. There are many regulations to control sensitive data, including efforts to ensure only trustworthy people ever have access. Controls will never be perfect, so we have multiple layers of protection, not to eliminate risk, but to reduce it. And lots of places with sensitive data allow flash drives and disk burners under very specific conditions, which usually include that they never leave secure areas of the building in which they’re used.

Phillip (profile) says:

Re: Re:

lol, you better have a lot more than that to actually keep data from leaving.
Are any of these “secure” servers on a network?
Are any of the other machines on the same network capable of having a usb drive mounted? If so anyone with basic knowledge could get data off of your servers and pull it down to the other computer and then put it on a usb drive.

yourrealname (profile) says:

Re: Re:

I was thinking that too. Also, what if they saved whatever data to the machine’s own hard drive, turned off the machine, unplugged the hard drive from inside the machine and connected it to a hard drive dock (say to just copy it all to another HDD, like a back up or recovery) then just plugged the original hard drive back in, reboot the machine and nobody would know there was a copy made.

WhiteSnow says:

Lots of good ideas from the comments, but you’ll just start having people print classified information & carry it out the front door cause most of the times their briefcases are not checked.

It’s turning into one big prison & the innocent are now treated as common criminals (this case employees) w/patdowns & bodyscans. Where is the outrage any more?

Need to read a new book just out about Americans who actually take a stand against tyranny (based in part on real people & events). It’s a thriller so I recommend it.

http://www.booksbyoliver.com

Besides, the military will spend billions to correct this problem. There are just too many military installations & other federal agencies that are cc: on their cables that can remove the classified telegrams/documents. Good article. Thanks.

EOrrFU says:

This has been an internal fight for quite a while and only gained full steam with the leak. Ever since the Chinese broke into SIPRNET with USB sticks they have been very strict about this, this is just taking it to the next level.
My mother worked at a defense agency where her computer had no output devices, and had to lock her removable hard drive in a vault every night. She was planning surprise inspections of foreign WMD facilities and the need for secrecy was extreme. The fact that there were any connections outside a computer besides an ethernet port is ridiculous even if it is inconvenient to actual military.

Richard Kulawiec says:

Let's suppose SIPRNET is secure (just for the sake of argument)

What about all the computers in the hands of diplomatic staff at every embassy around the world?

What about all the computers in the hands of their diplomatic staff, where “they” equates to “people our staff send and receive cables from”?

What about the networks in those locations — ours and theirs? Wired and wireless?

And so on.

Anonymous Coward says:

This is old news

Having used machines connected to the SIPRNET while serving in the US Army, I can tell you that this is old news.

Removable storage has always been a concern since the days of the floppy disk (yes the 5 1/4″ kind!) and folks have gotten into trouble for using the same removable storage devices on both a secure and a non-secure machine. Quite often these machines were sitting right next to each other.

There are really very few reasons to use removable storage devices to move data from the non-secure machine to the secure one. Most of the problems with which I am familiar occurred when people mixed up which removable device was for the secure side and which was for the non-secure side.

The headline of Mike’s post should probably be edited a bit. I didn’t see any threats when I read the source article. Service members are routinely “reminded” of what will happen if classified information escapes. Call it a threat if you wish, but it’s actually just business as usual.

jsf (profile) says:

Why Did They Allow It In The First Place

On a system that has access to data deemed to be classified and secret, why the heck would you allow such things in the first place.

I know of multiple companies that don’t allow anything to be plugged into the USB ports. Some even disable the USB ports completely, and yes they use only PS/2 keyboards and mice. And these companies don’t deal with classified data.

Anonymous Coward says:

Re: Why Did They Allow It In The First Place

On a system that has access to data deemed to be classified and secret, why the heck would you allow such things in the first place.

Back when I was involved with such things, we *didn’t* allow it. Period.

However, incompetent military commanders have since overridden security specialists and rescinded many of those restrictions in the name of “morale”. It seems that younger military personnel were complaining that they just couldn’t function without Lady Gaga and YouTube on their supposedly secure systems. Of course, now they’ve had the inevitable leaks as a result. That’s the price you pay.

Anonymous Coward says:

The US military is castigated here for lacking proper controls to keep classified information under wraps.

Now the US military is being castigated for imposing one (of surely several) control to keep classified information under wraps.

Clearly, there appears to be nothing that the US military can do to satisfy the security experts here.

Richard Kulawiec says:

Re: Re:

Clearly, there appears to be nothing that the US military can do to satisfy the security experts here.

Actually, there are some things they could do which would be quite effective — but they will never do them.

First on my list would be “figure out how to operate effectively while handling 1% of the secrets you currently handle”. But I’m sure they’d dismiss the concept immediately — it would require that they actually (gasp!) THINK and that’s really quite too much to ask.

Anonymous Coward says:

“The thing is, just like TSA patdowns, this is targeting the last leak, rather than the next leak. If someone wants to leak the content, they’ll figure out a way to do so, even if they can’t stick a USB key into a computer.”

Let me count the ways:

1. IrDA – infrared wireless
2. Bluetooth
3. WiFi
4. Print out as dense 2D barcode on paper to be scanned off-site.

Closing the barn door after the cows get out is never a satisfactory solution for leaving the door open in the first place. “Those who do not learn from history are doomed to repeat it.”

gi joe says:

military bans disks, cds, etc

from the “overreacting department”??

you need to think more seriously here as this time your snark is wildly off base. it’s hardly a case of the brass fighting the last war. no doubt, they have to think long & hard about how to secure data. but this is hardly overreacting. it’s actually a (dull) sensible policy.

AG Wright (profile) says:

This has been discussed for years

Making it impossible to use removable media on SIPRNET computers was being discussed 5 years ago when I was working for the Arkansas National Guard.
Among the several reasons that it wasn’t then was the simple fact that sometimes you NEED to move data for presentations and such.
It seems from what I have read that there are many more people with access to it now than then.
Also to the people who were commenting on locked access and such. Yes these computers are usually locked up and if not locked are required to be guarded by a human being at all times that they are available. It could be quite a hassle.
Fortunately at the help desk level all I ever saw was the requests for service. My job was just to pass them on to appropriate authority.
