Pentagon Confirms 2008 Computer Breach — 'Worst Ever'

← Back to Stories (view on slashdot.org)

Pentagon Confirms 2008 Computer Breach — 'Worst Ever'

Posted by timothy on Thursday August 26, 2010 @09:44AM from the ok-ok-uncle-sam dept.

jowifi writes "The New York Times reports that the Pentagon has confirmed that, in 2008, a foreign agent instigated 'the most significant breach of US military computers ever' using a USB flash drive. While the breach was previously reported on Wired and the LA Times, this is the first official confirmation of the attack that led to the banning of USB drives on government computers."

5 of 157 comments (clear)

Min score:

Reason:

Sort:

This is likely why MS has GPOs in W7 by mlts · 2010-08-26 09:47 · Score: 4, Insightful

This is likely why Windows 7 has explicit GPOs to either set USB flash drives read-only, or deny them the ability to mount whatsoever. Other programs that have this functionality are PGP Universal, and Symantec Endpoint Protection.
Now, if MS can put autoplay/autorun to rest six feet under with Clippy and Bob, that would be a good security advance.
1. Re:This is likely why MS has GPOs in W7 by Ethanol-fueled · 2010-08-26 10:27 · Score: 4, Insightful
  
  There are ways to hide stuff like that from view on Windows. They magically show up when the USB device is plugged into a Linux box.
  
  Related note: A similar piece of malware and the ensuing hassle is what prompted me to switch to Linux for good.
2. Re:This is likely why MS has GPOs in W7 by dgatwood · 2010-08-26 11:54 · Score: 4, Insightful
  
  There should never have been a way to enable autorun in the first place. The very notion of automatically executing code or installers form a piece of media without the user explicitly taking any action is antithetical to proper security.
  
  --
  Check out my sci-fi/humor trilogy at PatriotsBooks.
The right reaction? by mangu · 2010-08-26 09:53 · Score: 4, Insightful

the attack that led to the banning of USB drives on government computers.
This reminds me of the joke of the man that, having learned that his wife was fucking other men in the couch in the living room, moved the couch to the garage.
USB drives have a purpose for legal uses. Wouldn't it be better to improve their systems so that USB drives couldn't be used in harmful ways?
1. Re:The right reaction? by guruevi · 2010-08-26 11:58 · Score: 4, Insightful
  
  After actually having implemented such a methods, it is noticed that nobody ever uses the classified network except for highly official stuff, when the project is done. It seems that all work in progress is just being saved on the non-classified network.
  Trust me, I have implemented just about any security method in a variety of settings (medical, financial, ...). The fact remains that people can't be bothered to lock their screens when they step out because it's "too difficult" and "too complicated" let alone click the button to encrypt their e-mail or their USB sticks.
  
  --
  Custom electronics and digital signage for your business: www.evcircuits.com