Protecting the network
By USAFE, Cyber Surety / Published March 27, 2009
RAMSTEIN AIR BASE, Germany --
In this day and age, war readiness is at the forefront of everything we do as members of the armed forces. We stay mentally and physically prepared through training, enhancing our skill as war fighters in the event we will be called to deploy and serve in austere locations.
We check our equipment over and over so we know it will serve its purpose when needed. The last thing you want to have is a weapon that malfunctions when you need it the most. The most important weapon system in today's fight, one that is greatly overlooked, is the computer network.
Computers ensure we get the job done and get it done in a timely fashion. When the network is threatened, we need to act quickly to make sure it remains uncompromised and maintain the three points of computer security: confidentiality, integrity and availability.
Recently, our network was threatened by the "agent.btz" worm that affected computers all across the Department of Defense network. The worm spreads quickly and quietly through the use of flash memory. This was, and still is, the reason for the continuing universal ban on all flash memory devices across the DoD.
So what exactly is flash memory? The technical definition of flash memory is any non-volatile computer memory that can be electrically erased and reprogrammed. Simply put, non-volatile means no power is required to keep the information on the chip. Examples of flash memory include thumb drives, memory cards, flash hard drives and handheld devices like MP3 players, iPods and cameras. The biggest confusion with the ban was what actually qualified as an external flash hard drive. A flash hard drive is any storage device connected by USB cable that lacks spinning magnetic disks to store data. In really simple terms, flash drives don't vibrate when storing data.
So what is allowed on the DoD network? The only devices currently allowed to be connected to the DoD network are drives which are government-owned and not based on flash memory technology. That means anything the government has purchased for official business that has internal moving parts.
Keep in mind, you must perform a full virus scan on the device with Symantec Antivirus every time you connect it to your computer. This step will ensure the media has not been compromised and will not pose a risk to the network. To perform a virus scan:
1. Open Symantec Antivirus by double-clicking the yellow shield in the system tray at the bottom right-hand corner of your desktop.
2. Once the program is open, you will see the scan menu on the left. Expand the menu to view all options.
3. Select the custom scan option. Check the box of the drive you will be using and click the scan button.
4. Once the scan is complete and no malware has been detected, it is safe to proceed.
One item of interest is government-owned BlackBerrys. These devices contain flash memory but still must be connected to the network occasionally. Government-owned BlackBerrys are not included in the flash memory ban due to their use of two forms of encryption: Triple Data Encryption Standard and Advanced Encryption Standard. Because of the extreme level of security used, the Defense Information Systems Agency has approved their use on the government network.
As our missions grow, so does the number of adversaries determined to stop them, and the "agent.btz" worm can do just that. In order to contain this computer attack, we must not use flash memory or flash-based devices until further notice. By taking this inconvenient action now, we can trust and know the network will be safer and our mission data, pay and personal information will be there when we need it.