[NOAH SHACHTMAN](https://www.wired.com/author/noah-shachtman) [SECURITY](https://www.wired.com/category/security/) 11.19.08 03:12 PM # UNDER WORM ASSAULT, MILITARY BANS DISKS, USB DRIVES The Defense Department's geeks are spooked by a rapidly spreading worm crawling across their networks. So they've suspended the use of so called thumb drives, CDs, flash media cards, and all other removable data storage devices from their nets, to try to keep the worm from multiplying any further. The ban comes from the commander of U.S. Strategic Command, according to an internal Army e-mail. It applies to both the secret [SIPR and](http://en.wikipedia.org/wiki/SIPRNET) unclassified [NIPR nets. The suspension, which includes everything from external hard drives to "floppy disks," is supposed to take effect](http://en.wikipedia.org/wiki/NIPRNET) "immediately." Similar notices went out to the other military services. In some organizations, the ban would be only a minor inconvenience. But the military relies heavily on such drives to store information. Bandwidth is often scarce out in the field. Networks are often considered unreliable. Takeaway storage is used constantly as a substitute. [The problem, according to a second Army e-mail, was prompted by a "virus called Agent.btz." That's a variation of the "SillyFDC" worm, which](http://www.symantec.com/security_response/writeup.jsp?docid=2006-071111-0646-99&tabid=2) spreads by copying itself to thumb drives and the like. When that drive or disk is plugged into a second computer, the worm replicates itself i thi ti th PC "F th it t ti ll d l d d f th l ti A d th t d ld b tt h ----- Servicemembers are supposed to "cease usage of all USB storage media until the USB devices are properly scanned and determined to be free of malware," one e-mail notes. Eventually, some government-approved drives will be allowed back under certain "mission-critical," but unclassified, circumstances. "Personally owned or non-authorized devices" are "prohibited" from here on out. To make sure troops and military civilians are observing the suspension, government security teams "will be conducting daily scans and running custom scripts on NIPRNET and SIPRNET to ensure the commercial malware has not been introduced," an e-mail says. "Any discovery of malware will result in the opening of a security incident report and will be referred to the appropriate security officer for action." "The USB ban should be effective in stopping the worm," Olson says. Asked if such a wide-spread measure was a bit of over-kill, Olson responded, "I don't know." "I know this [is an] inconvenience," e-mails one Michigan Army National Guardsman. "This has been briefed to the CoS [Chief of Staff] of the ARMY. This is not just a problem for Michigan, and is effecting operations around the world. This is a very serious threat and should be treated as such. Please understand that this is a form of attack, and we need to have patience in dealing with this issue." [Photo: Department of Defense] [#INFO WAR](https://www.wired.com/tag/info-war/) VIEW COMMENTS ### SPONSORED STORIES LILY HAY NEWMAN BRIAN BARRETT DAVID NIELD BRIAN BARRETT EMILY DREYFUSS The Sensors That Power Online Stock Simple Steps to The Explosive-Carrying Security News This Week: Air ----- VOTING MACHINES At DefCon, the Biggest Election Threat Is Lack of Funding [LILY HAY NEWMAN](https://www.wired.com/author/lily-hay-newman/) SECURITY ROUNDUP Surprise, the FCC Lied About That DDoS Attack [EMILY DREYFUSS](https://www.wired.com/author/emily-dreyfuss/) LOUISE MATSAKIS [Even Anonymous Coders Leave](https://www.wired.com/story/machine-learning-identify-anonymous-code/) Fingerprints LILY HAY NEWMAN [Bugs in Mobile Credit Card Readers C](https://www.wired.com/story/bugs-in-mobile-credit-card-readers-could-leave-buyers-exposed/) Expose Buyers LILY HAY NEWMAN [Hacking a Brand New Mac Remotely,](https://www.wired.com/story/mac-remote-hack-wifi-enterprise/) Out of the Box EMILY DREYFUSS [Smartphone Voting Is Happening, bu](https://www.wired.com/story/smartphone-voting-is-happening-west-virginia/) One Knows if It's Safe LILY HAY NEWMAN [A New Pacemaker Hack Puts Malware](https://www.wired.com/story/pacemaker-hack-malware-black-hat/) Directly on the Device LOUISE MATSAKIS [Even Anonymous Coders Leave](https://www.wired.com/story/machine-learning-identify-anonymous-code/) Fingerprints LILY HAY NEWMAN [Bugs in Mobile Credit Card Readers C](https://www.wired.com/story/bugs-in-mobile-credit-card-readers-could-leave-buyers-exposed/) Expose Buyers LILY HAY NEWMAN [Hacking a Brand New Mac Remotely,](https://www.wired.com/story/mac-remote-hack-wifi-enterprise/) Out of the Box EMILY DREYFUSS [Smartphone Voting Is Happening, bu](https://www.wired.com/story/smartphone-voting-is-happening-west-virginia/) One Knows if It's Safe LILY HAY NEWMAN [A New Pacemaker Hack Puts Malware](https://www.wired.com/story/pacemaker-hack-malware-black-hat/) Directly on the Device [A New Pacemaker Hack Puts Malware](https://www.wired.com/story/pacemaker-hack-malware-black-hat/) Directly on the Device ## IOT HACKABLE TOUCHSCREENS COUL ON HOTEL ROOMS AND MEETINGS [LOUISE MATSAKIS](https://www.wired.com/author/louise-matsakis/) #NEVERTW EET A Tweet About Hacking Gets a Google Engineer in Trouble [LOUISE MATSAKIS](https://www.wired.com/author/louise-matsakis/) #NEVERTW EET A Tweet About Hacking Gets a Google Engineer in Trouble [LOUISE MATSAKIS](https://www.wired.com/author/louise-matsakis/) ## GET OUR NEWSLETTER [WIRED’s biggest stories delivered to your inbox.](https://www.wired.com/newsletter) VOTING MACHINES At DefCon, the Biggest Election Threat Is Lack of Funding [LILY HAY NEWMAN](https://www.wired.com/author/lily-hay-newman/) LOUISE MATSAKIS [Even Anonymous Coders Leave](https://www.wired.com/story/machine-learning-identify-anonymous-code/) Fingerprints LILY HAY NEWMAN [Bugs in Mobile Credit Card Readers C](https://www.wired.com/story/bugs-in-mobile-credit-card-readers-could-leave-buyers-exposed/) Expose Buyers LILY HAY NEWMAN [Hacking a Brand New Mac Remotely,](https://www.wired.com/story/mac-remote-hack-wifi-enterprise/) Out of the Box EMILY DREYFUSS [Smartphone Voting Is Happening, bu](https://www.wired.com/story/smartphone-voting-is-happening-west-virginia/) One Knows if It's Safe LILY HAY NEWMAN [A New Pacemaker Hack Puts Malware](https://www.wired.com/story/pacemaker-hack-malware-black-hat/) Directly on the Device Directly on the Device ## IOT HACKABLE TOUCHSCREENS COUL ON HOTEL ROOMS AND MEETINGS [LOUISE MATSAKIS](https://www.wired.com/author/louise-matsakis/) BUGS Millions of Android Devices Are Vulnerable Out of the Box [BRIAN BARRETT](https://www.wired.com/author/brian-barrett/) ----- [SUBSCRIBE](https://www.wired.com/subscribe/) [ADVERTISE](https://www.wired.com/wired-advertising/) [SITE MAP](https://www.wired.com/sitemap/) [PRESS CENTER](https://www.wired.com/about/press/) [FAQ](https://www.wired.com/about/faq/) [ACCESSIBILITY HELP](https://www.wired.com/about/accessibility-help/) [CUSTOMER CARE](https://subscriptions.wired.com/pubs/N3/WIR/Register.jsp?cds_page_id=175371&cds_mag_code=WIR&id=1423757547774&lsid=50431012277019467&vid=1) [CONTACT US](https://www.wired.com/about/feedback/) [SECUREDROP](https://www.wired.com/securedrop/) [T-SHIRT COLLECTION](https://subscribe.wired.com/subscribe/wired/109426?source=NativeFooter) [NEWSLETTER](https://www.wired.com/services/newsletters/demographics/) [WIRED STAFF](https://www.wired.com/wired-staff/) [JOBS](https://www.wired.com/about/wired-jobs/) [RSS](https://www.wired.com/about/rss_feeds/) CNMN Collection © 2018 Condé Nast. All rights reserved. [Use of and/or registration on any portion of this site constitutes acceptance of our User Agreement (updated 5/25/18) and Privacy Policy and Cookie](http://www.condenast.com/privacy-policy) [Statement (updated 5/25/18). Your California Privacy Rights. The material on this site may not be reproduced, distributed, transmitted, cached or](http://www.condenast.com/privacy-policy#privacypolicy-california) [otherwise used, except with the prior written permission of Condé Nast. Ad Choices.](http://www.condenast.com/privacy-policy#privacypolicy-optout) [SUBSCRIBE](https://www.wired.com/subscribe/) [ADVERTISE](https://www.wired.com/wired-advertising/) [SITE MAP](https://www.wired.com/sitemap/) [PRESS CENTER](https://www.wired.com/about/press/) [FAQ](https://www.wired.com/about/faq/) [ACCESSIBILITY HELP](https://www.wired.com/about/accessibility-help/) [CUSTOMER CARE](https://subscriptions.wired.com/pubs/N3/WIR/Register.jsp?cds_page_id=175371&cds_mag_code=WIR&id=1423757547774&lsid=50431012277019467&vid=1) [CONTACT US](https://www.wired.com/about/feedback/) [SECUREDROP](https://www.wired.com/securedrop/) [T-SHIRT COLLECTION](https://subscribe.wired.com/subscribe/wired/109426?source=NativeFooter) [NEWSLETTER](https://www.wired.com/services/newsletters/demographics/) [WIRED STAFF](https://www.wired.com/wired-staff/) [JOBS](https://www.wired.com/about/wired-jobs/) [RSS](https://www.wired.com/about/rss_feeds/) CNMN Collection © 2018 Condé Nast. All rights reserved. [Use of and/or registration on any portion of this site constitutes acceptance of our User Agreement (updated 5/25/18) and Privacy Policy and Cookie](http://www.condenast.com/privacy-policy) [Statement (updated 5/25/18). Your California Privacy Rights. The material on this site may not be reproduced, distributed, transmitted, cached or](http://www.condenast.com/privacy-policy#privacypolicy-california) [otherwise used, except with the prior written permission of Condé Nast. Ad Choices.](http://www.condenast.com/privacy-policy#privacypolicy-optout) -----