Spy's USB Drive Caused Worst US Military Breach

[beayn]

Apparently the military needs to learn how to turn off Auto-Run.

I can put infected flash drives in my computer all I want. It won't execute anything on them and only an idiot would click on an executable file, especially while on a secured military network.

 

[JOSHSKORN]

I use to work with a guy that inadvertently put the Conflicker.A virus on our network via a USB Flash. It happens.

 

[cookoy]

with 15,000 networks and 7 million devices and who knows how many not so security savvy users, it's really hard to secure the entire system. remember a chain is as strong as its weakest link. so too is your network.

 

[c0r3f1ght3r]

lol yeah i remember when that happened back in the 82nd we couldn't use any external devices after that...

 

[bebangs]

hmm.... i see it as simply just an autorun virus explained in a much detailed military way.

 

[dEAne]

That's not to be surprise. Even us were all vulnerable too.

 

[gmarsack]

[citation][nom]joebob2000[/nom]LOL WATSo this is what it took for them to say "no flash drives from outside computers!" or maybe, just maybe, they used one of the zillion available methods to disallow flash drive usage altogether. How hard is that idea to come up with? What about sandboxing any external drive? Persistent internal firewalls? There are so many ways to stop this from happening that it defies belief. Hell, a compromised flash drive was the plot of a damn movie prior to 2008 (the Recruit, 2003) and they still didn't think it was worth safeguarding??? It's nice to see the $600 billion or so per year is well spent![/citation]

It's the US Military.. Radio Shack has a better security policy and a more knowledgeable staff. 🙁 The government should learn, you ain't gonna fix this problem on your own. It's called the private sector. Why don't you hire professionals (who actually deal with this stuff) to fix your network problems then retrain a Marine who just did 2 tours how a network switch and a fire work. 🙁

 

[eddieroolz]

Damn, 100 foreign intelligence agencies trying to get in. Must be tough trying to defend itself from all that.

 

[cmartin011]

hmmmm well i guess you don't need a alien quantum-bio super computer like in transformers to hack gov mainframe. just the more computer litter-it countries around us with free time on there hands and a couple of usb sticks and a plane ticket. I hope they reveal a whole bunch of secrets just for shits and giggles. gotta stop using norton lol. and if you have secrets you dont want shared remove them to a none networked device for god sake 😛

 

[harth13]

old news

 

[Guest]

Robot Hanssen is probably banging his head in prison.
"It's so much easier to be a spy these day"

 

[getritch]

[citation][nom]ares1214[/nom]So mix this, with the intel mind reading stuff, and the apple liquid alloy metal, and we have Skynet...[/citation]

Amazing. simply amazing sir.

and it also amazes me that almost every other post on this site gets at least one argument in the comments, but we are unified in bashing our government.
nice.

 

[nebun]

hope they learned their lesson...machines with secret stuff should not be connected to the WWW. how stupid do you have to be?

 

[Camikazi]

[citation][nom]christop[/nom]Let me guess they found the drive on the ground in the camp and plugged it in to see who it belonged to. People should know better than to just plug a drive in and not know whats on it.[/citation]
Or at least make sure AutoRun is off before they plug it in 😛

 

[patrickhughes]

I cant believe that happened but I guess it was always a matter of time

 

[aaron686]

Hey its the ATI vs Nvidia pic! hehe

 

[SanDiego]

The safest network is one that does not have Internet.

 

[whiplash75]

Attention all Planets of the Solar Federation
Attention all Planets of the Solar Federation
Attention all Planets of the Solar Federation
We have assumed control
We have assumed control
We have assumed control

 

[palladin9479]

Hmm interesting that she would go about saying it that way. That is technically impossible to spread malicious code that way through the NIPR / SIPR networks. It would at most hit everything within a single regional command but wouldn't be able to spread outside that due to restrictions put in-place on the system. Not to mention getting in / out of the classified systems is impossible. Literally pull the plug out of the back of your computer then try to "infect" it impossible.

And code doesn't just *leap* off a USB stick through a computer and jump to every other computer around, this is the 1980's movie Hackers. It must be executed at each location to actually do anything other then sit in your inbox.

 

[palladin9479]

The safest network is one that does not have Internet.

And this about sums up the entire concept behind the SIPRNet / RIPRNet / NIPRNet. With NIPRNet being the only one connected to the internet through egress points. NIPRNet only processes FOUO (For Official Use Only) data, nothing classified.

 

[ren_xeon]

This is for US military

"How about not surfing through internet while ur fighting war ?"

 

[mcvf]

[citation][nom]Dirtman73[/nom]And how many other countries is the US doing this to? In the "intelligence" world, what comes around goes around.[/citation]
This accident was probably released only because it is not significant enough and under full control now. Motivation would be to push forward some wider budget for cybersecurity/army or push through some cybersecurity bills in congress.
If it would be really bad - like some top secrets stolen, they would keep quiet on that. No agency/army in world is stupid enough to broadcast how stupid they/their employees were.

 

[kingssman]

in an age where information can be hidden in jpg files, the USB trick is the easiest and most overlooked. Of course you can secure a computer to uselessness. But anyone who has physical access to a computer can hack it far easier than say a remote hack.

 

[shizen]

this is script for transformers 3?