Military Threatens To Court Martial Anyone Using USB Drives Or Other Removable Media

from the overreacting... dept

Apparently, one strategy the military is taking in a weak attempt to prevent a future State Department cable leaks, like the one currently going on, is to ban all forms of removable media and to threaten to court martial anyone caught using USB keys or CD-Rs on machines connected to SIPRNET. Apparently this is kind of frustrating for many in the military:
One military source, who works on these networks, says it will make the job harder; classified computers are often disconnected from the network, or are in low-bandwidth areas. A DVD or a thumb drive is often the easiest way to get information from one machine to the next. "They were asking us to build homes before," the source says. "Now they’re taking away our hammers."
The thing is, just like TSA patdowns, this is targeting the last leak, rather than the next leak. If someone wants to leak the content, they'll figure out a way to do so, even if they can't stick a USB key into a computer.


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    icon
    PaulT (profile), Dec 10th, 2010 @ 3:42am

    Ah, the old "the horse has bolted, we might as well burn the barn down" gambit.

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Yogi, Dec 10th, 2010 @ 4:04am

    Great idea

    Just to make sure, I think the two techniques should be combined - let TSA strip search every soldier that is using a computer. If they're using Windows they'll have more than enough time at system boot or shutdown to do a thorough search for USB keys...

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    Anonphunk, Dec 10th, 2010 @ 4:05am

    Let me count the ways

    Gee,
    They'll have to ban most anything that plugs into USB, RS232, or printer ports, laptops, wireless, infra-red, keyboards, and I suppose screens as a start. Softwares to set the MAC, OS fingerprint, and IP are common. The tools they need to do deep packet inspection in their firewalls are the same tools needed to redirect or copy those packets. There are trojans that copy themselves to GPUs and to network cards and can do the dirty work without the CPU or OS, and similar virii are expected for some wireless cards too.

    Good luck.

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    Richard Kulawiec, Dec 10th, 2010 @ 4:21am

    Thereby doing precisely what Assange wants them to do

    Apparently this is kind of frustrating for many in the military

    Anyone who has read what Assange has written about his goals for Wikileaks knows that this is precisely one of the outcomes that he was trying to produce: the disruption of internal communications and thus organizational function.

    Assange 1, military 0.

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    Anonymous Coward, Dec 10th, 2010 @ 5:10am

    Hmmm.
    Maybe they need to put one of them TSA groping stations at the entrance to every facility connected to SIPRNET.
    I mean ... afterall it's for YOUR security ... right ?

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    Anonymous Coward, Dec 10th, 2010 @ 5:16am

    Smartphones

    ...like they cannot use the phone as a drive either wifi or direct connect

     

    reply to this | link to this | view in thread ]

  7.  
    icon
    Designerfx (profile), Dec 10th, 2010 @ 5:19am

    If they want real security

    the solution is simple for real security: they'll have to get rid of computers entirely.

    anything else is just bullshit to the reality of computing in a comedic fashion.

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    Jeff, Dec 10th, 2010 @ 5:28am

    Simple solution

    Go back to using 3278 terminals and mainframes. 3278 dumb terminals have no ports or hard disk. Of course they could do the same with the PC NO USB/ESATA and no DVD/CD or hard drive, pxe boot them.

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    Anonymous Coward, Dec 10th, 2010 @ 5:31am

    What is the big deal? I am surprised that the computers connected to secure servers even have USB ports or CD Burners.

    The ones they use at Los Alamos don't. My friend works on Govt. projects for Lucent A. and his secure computer doesn't.

    I would imagine that since the computers connected to SIPRNet are considered lower threat, they do.

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    Rob, Dec 10th, 2010 @ 5:42am

    This isn't an unreasonable policy.

    How many stories have we read about companies, and government agencies, losing confidential information on laptops? Does anyone really think it's a good idea to have state secrets on USB drives?

     

    reply to this | link to this | view in thread ]

  11.  
    identicon
    Frosty the Snowman, Dec 10th, 2010 @ 5:44am

    Wrong department...

    It's not overreacting because it's not reacting. And it's not targeting the last leak because such rules have been in place as long as there have been disk burners and flash drives. There are many regulations to control sensitive data, including efforts to ensure only trustworthy people ever have access. Controls will never be perfect, so we have multiple layers of protection, not to eliminate risk, but to reduce it. And lots of places with sensitive data allow flash drives and disk burners under very specific conditions, which usually include that they never leave secure areas of the building in which they're used.

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    Anonymous Coward, Dec 10th, 2010 @ 5:57am

    There's a group policy setting for that

    True story, these morons obviously have no idea what they are doing.

     

    reply to this | link to this | view in thread ]

  13.  
    identicon
    Anonymous Coward, Dec 10th, 2010 @ 5:57am

    Re: Let me count the ways

    And this, of course, presumes that those responsible for these new layers of security are completely on board themselves.

    The problem isn't the policy. It's that people are actively resisting it, and that IS related to policy.

     

    reply to this | link to this | view in thread ]

  14.  
    identicon
    Anonymous Coward, Dec 10th, 2010 @ 5:58am

    Just train the stupid IT department to turn them off. Disconnect them. We have 8 banks of 8 servers sitting here and not 1 USB port in the entire server room. If you can't turn them off then put Super-Glue in them and leave it sticky. We never lose any data, ever, from the inside or the outside.

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    Anonymous Coward, Dec 10th, 2010 @ 6:03am

    Re:

    It's hard to do w/o a USB port on a computer. Everything plugs into it from the ID card scanners to the mouse.

    Sometimes you have to have removable media though. Not every computer is hooked to the network and various agencies don't necessarily have common access to the same networks. (say your in the Navy and your working with the FBI...it might not make sense to connect the FBI to the Navy's network)

    Size limits also can make it so removable media is the best way to move data.

     

    reply to this | link to this | view in thread ]

  16.  
    icon
    cgt (profile), Dec 10th, 2010 @ 6:20am

    What if they plug in an internal harddrive (with SATA)?

     

    reply to this | link to this | view in thread ]

  17.  
    identicon
    WhiteSnow, Dec 10th, 2010 @ 6:32am

    Lots of good ideas from the comments, but you'll just start having people print classified information & carry it out the front door cause most of the times their briefcases are not checked.

    It's turning into one big prison & the innocent are now treated as common criminals (this case employees) w/patdowns & bodyscans. Where is the outrage any more?

    Need to read a new book just out about Americans who actually take a stand against tyranny (based in part on real people & events). It’s a thriller so I recommend it.

    www.booksbyoliver.com

    Besides, the military will spend billions to correct this problem. There are just too many military installations & other federal agencies that are cc: on their cables that can remove the classified telegrams/documents. Good article. Thanks.

     

    reply to this | link to this | view in thread ]

  18.  
    identicon
    EOrrFU, Dec 10th, 2010 @ 6:34am

    This has been an internal fight for quite a while and only gained full steam with the leak. Ever since the Chinese broke into SIPRNET with USB sticks they have been very strict about this, this is just taking it to the next level.
    My mother worked at a defense agency where her computer had no output devices, and had to lock her removal hardrive in a vault every night. She was planning surprise inspections of foreign WMD facilities and the need for secrecy was extreme. The fact that there were any connections outside a computer besides a ethernet port is ridiculous even if it is inconvenient to actual military.

     

    reply to this | link to this | view in thread ]

  19.  
    icon
    yourrealname (profile), Dec 10th, 2010 @ 6:35am

    Re:

    I was thinking that too. Also, what if they saved whatever data to the machine's own hard drive, turned off the machine, unplugged the hard drive from inside the machine and connected it to a hard drive dock (say to just copy it all to another HDD, like a back up or recovery) then just plugged the original hard drive back in, reboot the machine and nobody would know there was a copy made.

     

    reply to this | link to this | view in thread ]

  20.  
    icon
    Phillip (profile), Dec 10th, 2010 @ 7:00am

    Re:

    lol, you better have a lot more than that to actually keep data from leaving.
    Are any of these "secure" servers on a network?
    Are any of the other machines on the same network capable of having a usb drive mounted? If so anyone with basic knowledge could get data off of your servers and pull it down to the other computer and then put it on a usb drive.

     

    reply to this | link to this | view in thread ]

  21.  
    identicon
    Richard Kulawiec, Dec 10th, 2010 @ 7:06am

    Let's suppose SIPRNET is secure (just for the sake of argument)

    What about all the computers in the hands of diplomatic staff at every embassy around the world?

    What about all the computers in the hands of their diplomatic staff, where "they" equates to "people our staff send and receive cables from"?

    What about the networks in those locations -- our and theirs? Wired and wireless?

    And so on.

     

    reply to this | link to this | view in thread ]

  22.  
    icon
    PaulT (profile), Dec 10th, 2010 @ 7:20am

    Re:

    No offence but if you're that clueless about data security, I highly doubt you have enough expertise to know if your data was stolen in the first place.

     

    reply to this | link to this | view in thread ]

  23.  
    icon
    Steven (profile), Dec 10th, 2010 @ 7:42am

    Re: Smartphones

    That's what I was thinking. If there are ANY laptops connected to SIPRNET they most likely have a wifi card. On most new smartphones (not sure about iPhones) you can setup a peer to peer wifi.

    I could be sitting at one of the computers dumping gigs of data to the phone sitting in my pocket with no visible indication.

     

    reply to this | link to this | view in thread ]

  24.  
    identicon
    Harry P. Ness, Dec 10th, 2010 @ 7:45am

    Bluetooth

    Our USB ports are configured so you can read from them but not write. They forgot about the bluetooth capabilities and that is a workaround not that I care.

     

    reply to this | link to this | view in thread ]

  25.  
    icon
    Overcast (profile), Dec 10th, 2010 @ 7:54am

    Looks like Wikileaks really got some panties of the corrupt in a bind.

    Too bad I had to cancel my PayPal and Amazon accounts out of principle, but that's ok - there's more than one place on the web that does those services!

     

    reply to this | link to this | view in thread ]

  26.  
    identicon
    Anonymous Coward, Dec 10th, 2010 @ 7:54am

    This is old news

    Having used machines connected to the SIPRNET while serving in the US Army, I can tell you that this is old news.

    Removable storage has always been a concern since the days of the floppy disk (yes the 5 1/4" kind!) and folks have gotten into trouble for using the same removable storage devices on both a secure and a non-secure machine. Quite often these machines were sitting right next to each other.

    There are really very few reasons to use removable storage devices to move data from the non-secure machine to the secure one. Most of the problems with which I am familiar occurred when people mixed up which removable device was for the secure side and which was for the non-secure side.

    The headline of Mike's post should probably be edited a bit. I didn't see any threats when I read the source article. Service members are routinely "reminded" of what will happen if classified information escapes. Call it a threat if you wish, but it's actually just business as usual.

     

    reply to this | link to this | view in thread ]

  27.  
    icon
    jsf (profile), Dec 10th, 2010 @ 7:58am

    Why Did They Allow It In The First Place

    On a system that has access to data deemed to be classified and secret, why the heck would you allow such things in the first place.

    I know of multiple companies that don't allow anything to be plugged into the USB ports. Some even disable the USB ports completely, and yes they use only PS/2 keyboards and mice. And these companies don't deal with classified data.

     

    reply to this | link to this | view in thread ]

  28.  
    identicon
    Anonymous Coward, Dec 10th, 2010 @ 8:00am

    The US military is castigated here for lacking proper controls to keep classified information under wraps.

    Now the US military is being castigated for imposing one (of surely several) control to keep classified information under warps.

    Clearly, there appears to be nothing that the US military can do to satisfy the security experts here.

     

    reply to this | link to this | view in thread ]

  29.  
    identicon
    Anonymous Coward, Dec 10th, 2010 @ 8:18am

    "The thing is, just like TSA patdowns, this is targeting the last leak, rather than the next leak. If someone wants to leak the content, they'll figure out a way to do so, even if they can't stick a USB key into a computer."

    Let me count the ways:

    1. IrDA - infrared wireless
    2. Bluetooth
    3. WiFi
    4. Print out as dense 2D barcode on paper to be scanned off-site.

    Closing the barn door after the cows get out is never a satisfactory solution for leaving the door open in the first place. "Those who do not learn from history are doomed to repeat it."

     

    reply to this | link to this | view in thread ]

  30.  
    icon
    Chris Rhodes (profile), Dec 10th, 2010 @ 8:29am

    Is This Really a New Policy?

    I was under the impression that removable media restrictions were already common place. Besides, it's not hard to run software that detects, logs, and tells someone when a USB drive is plugged in.

     

    reply to this | link to this | view in thread ]

  31.  
    identicon
    Richard, Dec 10th, 2010 @ 8:42am

    Secure it with Windows Group Policies

    Using Windows and Active Directory, a Group Policy entry can be set that will disable any removable media. Upon usage the media access will be blocked.

    This is a standard built in function.

    Yes, Windows is VERY secure.

     

    reply to this | link to this | view in thread ]

  32.  
    identicon
    Richard Kulawiec, Dec 10th, 2010 @ 8:54am

    Re:

    Clearly, there appears to be nothing that the US military can do to satisfy the security experts here.

    Actually, there are some thing they could do which would be quite effective -- but they will never do them.

    First on my list would be "figure out how to operate effectively while handling 1% of the secrets you currently handle". But I'm sure they'd dismiss the concept immediately -- it would require that they actually (gasp!) THINK and that's really quite too much to ask.

     

    reply to this | link to this | view in thread ]

  33.  
    identicon
    Anonymous Coward, Dec 10th, 2010 @ 8:54am

    I don't get it. Leaking classified information is already a court-martial offense. So this will do nothing to discourage those who want to leak such information, because they will be court-martialed if discovered anyway. All this does is annoy the people who have a legitimate need to transfer files to classified computers.

     

    reply to this | link to this | view in thread ]

  34.  
    identicon
    gi joe, Dec 10th, 2010 @ 8:55am

    military bans disks, cds, etc

    from the "overreacting department"??

    you need to think more seriously here as this time your snark is wildly off base. it's hardly a case of the brass fighting the last war. no doubt, they have to think long & hard about how to secure data. but this is hardly overreacting. it's actually a (dull) sensible policy.

     

    reply to this | link to this | view in thread ]

  35.  
    icon
    viperfl (profile), Dec 10th, 2010 @ 9:45am

    I don't understand how this is new or a bad thing? Many companies disable the USB on company laptops to prevent employees from stealing company info. The company I work for supplies me with a laptop and the USB is disabled. What the military is doing should of been done a long time ago.

     

    reply to this | link to this | view in thread ]

  36.  
    identicon
    Anonymous Coward, Dec 10th, 2010 @ 11:07am

    Re: Re:

    It's hard to do w/o a USB port on a computer.

    Not really. That's just the old "security is inconvenient" excuse. And if you really, really have to have a USB port for something that just can't be otherwise hardwired, in Windows and most other OS's it can be restricted to only certain devices.

    Sometimes you have to have removable media though.

    Very rarely. And in those rare cases, it can be limited to specific secure devices. Not just every flash drive and disk somebody shoves in it.

    You really don't know what you're talking about.

     

    reply to this | link to this | view in thread ]

  37.  
    identicon
    Anonymous Coward, Dec 10th, 2010 @ 11:17am

    Re: Why Did They Allow It In The First Place

    On a system that has access to data deemed to be classified and secret, why the heck would you allow such things in the first place.

    Back when I was involved with such things, we *didn't* allow it. Period.

    However, incompetent military commanders have since overridden security specialists and rescinded many of those restrictions in the name of "morale". It seems that younger military personnel were complaining that they just couldn't function without Lady Gaga and YouTube on their supposedly secure systems. Of course, now they've had the inevitable leaks as a result. That's the price you pay.

     

    reply to this | link to this | view in thread ]

  38.  
    identicon
    Anonymous Coward, Dec 10th, 2010 @ 11:23am

    Re:

    What the military is doing should of been done a long time ago.

    It used to be. The problem is that non-technical military commanders have little respect for "geeks". Thus, when a security "geek" does something that the non-tech commander finds inconvenient, it gets changed. And so it did.

     

    reply to this | link to this | view in thread ]

  39.  
    icon
    David Liu (profile), Dec 10th, 2010 @ 2:18pm

    Re: Let me count the ways

    I'm not exactly knowledgeable on classified computers, but for the most part, they don't have any of those ports, and aren't connected to the internet. Honestly, sneaking the tools in to do any of that stuff should be the bottleneck that's checked.

     

    reply to this | link to this | view in thread ]

  40.  
    icon
    David Liu (profile), Dec 10th, 2010 @ 2:20pm

    Re:

    I'm sorta hoping that these computers are in locked cabinets with limited access to the internals. Because once you have actual physical access to that, you basically can do anything with enough know how.

     

    reply to this | link to this | view in thread ]

  41.  
    icon
    David Liu (profile), Dec 10th, 2010 @ 2:22pm

    Re: Re: Why Did They Allow It In The First Place

    Isn't that what unsecured networks and computers are for?

     

    reply to this | link to this | view in thread ]

  42.  
    icon
    AG Wright (profile), Dec 11th, 2010 @ 4:05am

    This has been discussed for years

    Making it impossible to use removable media on SIPPERNET computers was being discussed 5 years ago when I was working for the Arkansas National Guard.
    Among the several reasons that it wasn't then was the simple fact that sometimes you NEED to move data for presentations and such.
    It seems from what I have read that there are many more people with access to it now than then.
    Also to the people who were commenting on locked access and such. Yes these computers are usually locked up and if not locked are required to be guarded by a human being at all times that they are available. It could be quite a hassle.
    Fortunately at the help desk level all I ever saw was the requests for service. My job was just to pass them on to appropriate authority.

     

    reply to this | link to this | view in thread ]

  43.  
    identicon
    Anonymous Coward, Dec 12th, 2010 @ 9:57am

    Weren't they already banned?

    Not to belittle the issue of leaks, but weren't USB drives banned last year after they had the computer virus outbreak?

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This