Kind of like the one kid at school that breaks the rules and ruins the fun for everyone, the WikiLeaks scandal has forced the US DoD to ban the use of CDs, DVDs, and thumb drives on SIPRNET computers.
Those most affected by the ban are soldiers on the ground level who are now prohibited from using the everyday tools for fear of facing a court martial.
The US government is worried that information may be stolen from the secure servers with removable media devices, mostly because this isn’t the first time that’s happened.
To be sure, the Pentagon’s super secure Zippernet server was hacked using a removable flash drive, and it has been determined that WikiLeak documents were obtained in a similar fashion.
This also isn’t the first time removable media has been banned.
Two years ago, the Pentagon discovered that drives and disks helped spread a virus across secure computers, which prompted the DoD to implement a sweeping ban.
However, the moment it was lifted, “Deep Throat” Pfc. Bradley Manning started downloading classified information from SIPRNET onto a CD marked “Lady Gaga.” The highly-embarassing information was susbsequently transferred to WikiLeaks.
The above-mentioned ban arrived in the form of a “Cyber Control Order,” which stipulates an immediate end to the use of removable media on all systems, servers, and stand alone machines residing on SIPRNET.
“Unauthorized data transfers routinely occur on classified networks using removable media and are a method the insider threat uses to exploit classified information,” reads the order.
“To mitigate the activity all…must immediately suspend all SIPRNET data transfer activities on removable media.”
In conjunction with the Cyber Control Order, the Pentagon is also connecting military machines to a Host Based Security System that detects “suspicious” computer behavior.
Aside from being an overall hassle, the ban affects administrators who frequently transfer information using flash drives between computers that are not on a network due to security constraints or computers in remote areas.
“Users will experience difficulty with transferring data for operational needs which could impede timeliness on mission execution,” the document concedes.
Nevertheless, “military personnel who do not comply may be punished under Article 92 of the Uniformed Code of Military Justice.”
Of course, only time will only tell if the draconian ban on removable media will help protect the military’s sensitive information, or if we’ll be faced with WikiLeaks part two.
[Via Wired DangerRoom]
