Ipswitch Blog

Classified Network Breached w/ USB Drive

| August 27, 2010 | Compliance, Data Breach, Enforcement, Managed File Transfer, Secure File Transfer

According to the Washington Post, Deputy Defense Secretary William J. Lynn III just confirmed that a classified military network was breached with a single USB drive in 2008.

http://www.washingtonpost.com/wp-dyn/content/article/2010/08/24/AR2010082406154.html

As a security expert, the fact that someone used a USB drive on the wrong machine isn’t surprising: it happens every day when people use these drives to swap files between work and home computers.

What is surprising is Lynn’s statement that: “code spread undetected on both classified and unclassified systems”.  This suggests that neither the content of the files being distributed nor the network behavior of the malicious application were being analyzed – even on a secure network.

This incident demonstrates that even the most sensitive network can be breached if there is only a single layer of defense.   With data loss prevention (DLP), intrusion detection, antivirus and integrity technology there should be multiple layers of defense seeking and listening for threats in a coordinated manner on any modern secure  network.

The government’s reaction to the incident was also interesting: ban all USB drives.  The military did it in 2008…and survived.

So what about the file transfers that needed to occur between the military’s various networks?  Managed file transfer technology is all about answering that question, and answering it with easy-to-use, scalable solutions built on the concept of defense in depth.

How IT Pros Can Save 30 Minutes a Day

How IT Pros Can Save 30 Minutes a Day

Implementing Compliance for Data Privacy in Regulated Industries

Free Webinar: Implementing Compliance for Data Privacy in Regulated Industries
[ do default stuff if no widgets ]

Leave a Reply

Your email address will not be published. Required fields are marked *

Ipswitch Blog

This post was written by Ipswitch Blog

Ipswitch helps solve complex IT problems with simple solutions. The company’s software has been installed on more than 150,000 networks spanning 168 countries to monitor networks, applications and servers, and securely transfer files between systems, business partners and customers. Ipswitch was founded in 1991 and is based in Lexington, Massachusetts with offices throughout the U.S., Europe, Asia and Latin America.