RE: OT: Pentagon Hit by Unprecedented Cyber Attack

Top Page
Attachments:
Message as email
+ (text/plain)
+ (text/html)
+ (text/plain)
Delete this message
Reply to this message
Author: Lisa Kachold
Date:  
To: plug-discuss
Subject: RE: OT: Pentagon Hit by Unprecedented Cyber Attack

The USB key is loaded by Microsoft when inserted, and will happily run any autorun "utilities" copied to it.

Loading a USB key can and does propigate these Microsoft viri:

1) worms
2) trojans
3) autorun trojans boot sector attacks

Windows suggests that user's disable the autorun features:
http://antivirus.about.com/od/securitytips/ht/autorun.htm

However, most high security sites disallow USB keys.

As we all know, we could setup a fine sniffer, or arp cache poisoning tool, coordinated localhost attack, Metasploit scripted attack, all happily running on a "blanked screen" USB key booted to BIOS on any DoD Dell.

They disallow Blackberry camera phones, BlueTooth and you also can't get to YouTube, Flickr, Myspace, or your Gmail and MSN webmail also!

www.Obnosis.com | http://en.wiktionary.org/wiki/Citations:obnosis |
http://www.urbandictionary.com/define.php?term=obnosis (503)754-4452
Catch the January PLUG HackFest! Kristy Westphal, CSO for the Arizona Department of Economic
Security will provide a one hour
presentation on forensics.




Date: Fri, 21 Nov 2008 09:27:46 -0700
From:
To:
Subject: Re: OT: Pentagon Hit by Unprecedented Cyber Attack




On Thu, Nov 20, 2008 at 7:49 PM, <> wrote:


http://www.foxnews.com/politics/2008/11/20/pentagon-cyber-siege-unprecedente

d-attack/



>... it has taken the unprecedented step of banning the use of external >hardware devices, such as flash drives and DVD's...
>The attack came in the form of a global virus or worm that is spreading rapidly throughout a number of military networks.

I fail to see the connection....
In my experience worms and virii usually don't propagate through DVDs... and rarely through flash drives. will banning these things REALLY secure things? what keeps a user behind their networks from opening VitalIntelligenceReport.doc.exe and executing it?


~ryan

--
Thanks and best regards,
Ryan Rix
TamsPalm - The PalmOS Blog
(623)-239-1103 <-- Grand Central, baby!

Jasmine Bowden - Class of 2009, Marc Rasmussen - Class of 2008, Erica

Sheffey - Class of 2009, Rest in peace.

_________________________________________________________________
Color coding for safety: Windows Live Hotmail alerts you to suspicious email.
http://windowslive.com/Explore/Hotmail?ocid=TXT_TAGLM_WL_hotmail_acq_safety_112008 ---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss