Think before you 'plug in'

  • Published
  • By Staff Sgt. Eric Burks
  • 51st Fighter Wing Public Affairs
OSAN AIR BASE, Republic of Korea --  Osan's unclassified (NIPR) computer network is now more secure, thanks to a Universal Serial Bus detection script recently implemented by the 51st Communications Squadron.

The script, which detects unauthorized USB devices such as thumb drives and MP3 players when plugged into a NIPR system, was created to enforce network security compliance and protect the base's critical communications systems.

"Some users were ignoring the requirement to register their USB hard drives, or were still using USB flash media on the Osan network domain," said Capt. Raquel Cummins, 51st CS. "These actions can expose the network to malware and other viruses."

Since March 1, there have more than 400 recorded violations of network security policy relating to unauthorized USB devices, the captain said. The majority are unregistered devices, while about five percent are cell phones, flash drives, MP3 players or other prohibited devices.

Lt. Col. Andrew Ryan, 51st CS commander, said, "The Defense Department has spent hundreds of millions of dollars to enhance and secure our information technology infrastructure to prevent attacks from the Internet ... this security structure could be undone by someone unwittingly transporting a virus directly onto our network from USB media."

"New viruses emerge all the time and some can destroy or corrupt your data," he said. "We need to ensure we're not the first to discover the next virus."

When an unauthorized device is plugged into a network system, the USB detection script triggers the following chain of events:

1. A network violation window pops up and the user is logged off their computer.
2. Communications Focal Point and network control center personnel are notified via e-mail.
3. The offending user's commander will be notified via a written memo.
4. The offending user must re-accomplish information assurance and information protection training.

"The work you do is vital and the information we share, along with the systems we use to do it, are critical to the success of our mission," said Colonel Ryan. "We know this but our adversaries are even more aware of it."

For users who need to back up critical files, government-owned USB hard drives are a viable option. The hard drive must be approved by your commander and registered with the 51st CS, then may be used on Osan's NIPR network.

In order to register an authorized USB device for use on the network, users must:

1. Contact the wing information assurance office or the 51st CS CFP to have the USB device scanned on a standalone system in Bldg. 949.
2. Complete a USB waiver memo with commander's signature, and submit it to wing IA for approval.
3. Wait for approval notification from wing IA that device has been added to the "approved list" before plugging it in.

For more information, contact wing IA at DSN 784-1058 or the 51st CS CFP at 784-2666, and select option one.

- Removable media FAQ

51st CS contributed to this article.