An official website of the United States government
A .mil website belongs to an official U.S. Department of Defense organization in the United States.
A lock (lock ) or https:// means you’ve safely connected to the .mil website. Share sensitive information only on official, secure websites.

GWOT- Global War on Thumb Drives

  • Published
  • By Staff Sgt. Alexandra M. Boutte
  • 386th Air Expeditionary Wing Public Affairs
SOUTHWEST ASIA --  From the restrooms, dining facility and work centers, many Airmen have seen the witty posters stating the No Unauthorized Universal Serial Bus Device Campaign.

According to the National Cyber Alert System, USB flash drives are popular for storing and transporting data, but some of the characteristics that make them convenient also introduce security risks.

"USB devices were specifically banned for the use on Department of Defense computer networks due to the threat they pose to our operations," said Tech. Sgt. Joe Johnson, 386th Air Expeditionary Wing Information Assurance office. "Removable media can be easily used as an attack vector by our adversaries to exploit or inject viruses onto our network."

Despite coverage of the topic upon arrival at the passenger terminal and Right Start briefings, memorable campaign posters, taping over the actual ports, and even a mandatory USB device policy quiz before a network account is created, the communications squadron still disables numerous network accounts each month for USB device violations.

"We are still countering an overt disregard for network security," said Maj. Jeffrey Thompson, 386th ECS commander. "We've made tremendous progress in reducing the number of USB device violations, from a high of 24 incidents in January to only 11 in March and from 17 events in June to just 4 in August. However, we're still seeing a cyclical trend that spikes during periods of high personnel turnover. As we approach the next major personnel rotation, we need everyone's help getting the word out about this very real threat to our networks."

The use and connection of any of these devices on the network are direct violation of DOD polices.

"If someone inserts a flash drive and we can catch the device, our assumption is that that computer is infected," Thompson said. "Our immediate action is to remove the threat from the network, which means, that computer is taken offline. That can have a direct impact to the mission, because that computer is down until it is declared safe to be put back online."

When such an unauthorized device is connected, Air Force Central Command Network Security will forward the user's account, device serial number and computer name to the 386th Information Assurance office.

"The violator's account will be locked until the user re-accomplishes the DoD Information Assurance Awareness and Air Force Information Protection computer based training and the individual's squadron commander approves the account for reactivation," Thompson said.

The following devices, including plugging in USB connectors for battery charging are banned from connecting to network computers:

Thumb drives, USB flash drives, memory sticks and other flash storage devices. Here is a list of examples.

- iPods and Sony PSPs
- Kindle and eBook readers
- Personal and Government-issued cell phones
- Camera and camcorders
- Flash media card readers

"Bottom line, if it hasn't been explicitly approved for use with your computer, you shouldn't plug it into the system's USB ports," Thompson said.

Current Air Force policy allows the use of external hard drives provided that specific implementation procedures and operational requirements are met. Users must contact the Communications Focal Point at 442-2666 to initiate a USB device waiver request.

"To transfer files from computer to computer, you may use CDs and DVDs or floppy disks," Johnson said. "You must make sure [CDs and DVDs] are virus scanned before you transfer the files."

In case of malware infection, classified or personally identifiable information incidents, command security manager involvement is required.

Users do not have the authority to accept, ignore or transfer risk on behalf of the DoD by plugging in an authorized device into the USB port. A violation of policy by a user in a deployed location can have cascading effects which eventually impact multiple DoD networks.

"Users are reminded that a network account is not your right," Thompson said. "Your account and your computer are government provided tools."

Follow the standards and use the tools in accordance with these standards risk losing access to the tools.