Network Unplugged: 18th CS officials zero in on USB policy violators

  • Published
  • By Staff Sgt. Jason Lake
  • 18th Wing Public Affairs
KADENA AIR FORCE BASE, Japan --  Big Brother is watching ... and taking names. 

Although it's been nearly a year since Defense Department officials banned USB flash media devices and personal electronic devices from government computer systems, a small percentage of Air Force network users at Kadena continue to violate the policy. 

"Current Department of Defense policy prohibits the use of all flash-based USB and privately owned devices on government systems, regardless of whether the system is connected to the network or not," said Lt. Col. Jason Sutton, 18th Communications Squadron commander. "Devices that use flash memory, such as MP3 players, iPods, thumb drives, digital cameras and personal digital assistants (PDAs) are prohibited. It doesn't matter if you just want to copy a text file, listen to one song, or just charge your iPod battery. You still can't plug it in to a government system." 

Kadena was the first base in Pacific Air Forces to install specialized software that logs and reports policy violations in real-time. During a recent week-long scan of the base's government systems, more than 30 violators were detected and their personal hardware had to be confiscated. 

"One of the confiscated devices had a virus on it, but the user had no idea it was there because his home computer had anti-virus software that was outdated," said Staff Sgt. Nicolas Vazzana, 18th Communications Squadron's information assurance expert. "Luckily, the virus was quickly identified and quarantined before it could spread to other systems. Just one computer infected with a virus, Trojan or worm can severely impact the effectiveness of our communication networks, and in turn, our war fighting potential." 

A cheap USB drive with the right software installed on it can carry out a slew of malicious attacks that can cripple a computer system the moment it's plugged in, steal and transmit sensitive mission data without a users' knowledge, or create a 'back door' allowing hackers complete control of a computer system. 

Sergeant Vazzana said there is no real profile of a violator because there have been violations across the spectrum of military ranks, civilian employees, contractors and foreign national employees - many of which were aware of the policy before making the violation. 

At a minimum, violators will have their Air Force network access revoked for 30 days. Unit commanders may also punish individuals who violate the policy. 

"Individual commanders have all available options to them under the Uniform Code of Military Justice, but each case stands alone and is fact dependent," explained Lt. Col. Greg Friedland, 18th Wing deputy staff judge advocate. 

In order to get back on the Air Force network, violators must recomplete their annual information protection training and get their commander's approval for account restoration. 

"Their unit commander must submit a letter to the 18th Communications Squadron validating that the individual has completed the training and needs network access," Colonel Sutton explained. 

To be on the safe side, communication squadron officials encourage network users to consult their unit information assurance officer and computer system administrators before plugging in any kind of hardware to Air Force computers. 

Users can also get additional information through Air Force Instruction 33-100, 'User Responsibilities and Guidance for Information Systems,' and Air Force System Security Instruction 8502, 'Organizational Computer Security.' 

"Computer security is no longer just a 'COM thing,'" said Sergeant Vazzana. "Every user is a sentry. Anytime you access a government system, you need to be fully aware of your responsibilities and the consequences of your actions, from log-on to log-off. Recognize the benefit that system provides and what would happen if you could no longer use a computer to do your job."