Protecting the Network

  • By Cyber Surety
  • HQ USAFE
In this day and age, war readiness is at the forefront of everything we do as members of the armed forces. We stay mentally and physically prepared through training that enhances our skills as war fighters in the event that we are called to deploy and serve in austere locations. We check our equipment over and over so that we know it will serve its purpose when needed. The last thing you want is a weapon that malfunctions when you need it the most.

The most important weapon system in today's fight, and one that is greatly overlooked, is the computer network. Computers ensure we get the job done and get it done in a timely fashion. When the network is threatened, we need to act fast to make absolutely sure it stays uncompromised and to maintain the three points of computer security: confidentiality, integrity, and availability. Recently, our network has been threatened by the "agent.btz" worm, which has affected computers all across the DoD network. The worm spreads quickly and quietly through the use of flash memory. This was, and still is, the cause of the continuing universal ban on all flash memory devices across the Defense Department.

So what exactly is flash memory? The technical definition of flash memory is any non-volatile computer memory that can be electrically erased and reprogrammed. Simply put, non-volatile means no power is required to keep the information on the chip. Examples of flash memory include thumb drives, memory cards, handheld devices (e.g. mp3 players, iPods, cameras), and flash hard drives. The biggest point of confusion is what actually constitutes an external flash hard drive. A flash hard drive is any storage device connected by USB cable that lacks magnetically spinning disks to store data. In really simple terms, flash drives don't vibrate when storing data.

So what is allowed on the DoD network? The only devices currently allowed to be plugged into the DoD network are drives that are government owned and not based on flash memory technology. That means anything the government has purchased for official business that has internal moving parts.

Keep in mind, you must perform a full virus scan with Symantec Antivirus on the device EVERY TIME you plug it into your computer. This step will ensure the media has not been compromised and will not pose a risk to the network. To perform a virus scan:

1. Open Symantec Antivirus by double-clicking the yellow shield in the system tray at the bottom right-hand corner of your desktop.
2. Once the program is open, you will see the scan menu on the left. Expand the menu to view all options.
3. Select the custom scan option; check the box of the drive you will be using and click the scan button.
4. Once the scan is complete and no malware has been detected, it is safe to proceed.

One item of interest is government-owned BlackBerry devices. These devices actually do contain flash memory but still must be connected to the network occasionally. GOVERNMENT OWNED BlackBerry devices are not included in the flash memory ban due to their use of two forms of encryption: Triple DES (Data Encryption Standard) and AES (Advanced Encryption Standard). Because of the extreme level of security used, the Defense Information Systems Agency (DISA) has approved their use on the government network.

As our missions grow, so does the number of adversaries determined to stop them, and the "agent.btz" worm can do just that. In order to contain this computer attack, we must not use flash memory or flash-based devices until further notice. By taking this inconvenient action now, we can trust and know that the network will be safer and our mission data, pay, and personal information will be there when we need it next time.