According to the report, Agent BTZ spreads by copying itself to USB drives and the like, so that when the drive is inserted into another computer the worm replicates again, in a never-ending cycle, every time a new drive is detected.
USB drives, like all removable storage devices, can run a program automatically on your machine, depending on the computer's configuration.
While Autorun is included in Windows as a convenience, you do have the option of disabling it, particularly as an unfortunate side effect can be that programs load and execute on your PC without your knowledge.
Autorun and AutoPlay
There seems to be a little confusion about the differences between AutoPlay and Autorun so we've defined them here:
AutoPlay is a Windows feature that lets you choose which program to use to start different kinds of media. You can change AutoPlay settings for each media type.
Autorun is a technology used to start any program automatically when you insert various media into your computer. While different from AutoPlay, the result is typically the same: when inserted, a specific program on the external device runs automatically.
While you cannot modify the Autorun.inf file on the external device you plug into your machine, you can stop it from executing on your computer by modifying your registry.
To modify the registry setting, Microsoft has set up a page that helps you determine which updates you will need and then offers step-by-step instructions on how to disable Autorun. You can find it here.
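As an added illustration (not code from Microsoft's page or from this article), the PowerShell script below audits the Autorun policy and can optionally disable Autorun for every drive type. It assumes the policy is the `NoDriveTypeAutoRun` value under the `Policies\Explorer` key, which the article does not name; the `-Harden` switch is a hypothetical name chosen for this example, and writing to HKLM requires an elevated prompt.

```powershell
# Added example: audit, and optionally harden, the Autorun policy value.
param([switch]$Harden)   # hypothetical switch: also write the hardened value

$ValueName  = 'NoDriveTypeAutoRun'
$PolicyKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
)

# A set bit DISABLES Autorun for that drive type; 0xFF disables it for all.
$DriveTypeBits = [ordered]@{
    'Unknown drive types' = 0x01
    'Removable drives'    = 0x04
    'Fixed drives'        = 0x08
    'Network drives'      = 0x10
    'CD-ROM drives'       = 0x20
    'RAM disks'           = 0x40
    'Reserved/unknown'    = 0x80
}

function Get-AutorunPolicy {
    param([string]$Key)
    # Returns the DWORD as an int, or $null when the key or value is absent.
    $item = Get-ItemProperty -Path $Key -Name $ValueName -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    return [int]($item.$ValueName)
}

function Get-AutorunEnabledTypes {
    param([int]$Mask)
    # Drive types whose bit is clear still allow Autorun.
    $DriveTypeBits.GetEnumerator() |
        Where-Object { ($Mask -band $_.Value) -eq 0 } |
        ForEach-Object { $_.Key }
}

foreach ($key in $PolicyKeys) {
    $mask = Get-AutorunPolicy -Key $key
    if ($null -eq $mask) {
        Write-Output "$key : $ValueName not set (Windows default applies)"
        continue
    }
    $open = @(Get-AutorunEnabledTypes -Mask $mask)
    $state = if ($open.Count -eq 0) { 'Autorun disabled for all drive types' }
             else { 'Autorun still allowed for: ' + ($open -join ', ') }
    Write-Output ('{0} : 0x{1:X2} - {2}' -f $key, $mask, $state)
}

if ($Harden) {
    $hklm = $PolicyKeys[0]
    if (-not (Test-Path $hklm)) { New-Item -Path $hklm -Force | Out-Null }
    Set-ItemProperty -Path $hklm -Name $ValueName -Value 0xFF -Type DWord
    Write-Output "Set $ValueName to 0xFF under $hklm"
}
```

Run it without arguments to report the current state; the policy is only honored on systems that have the updates Microsoft's page describes.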
Even though disabling Autorun seems a relatively painless process, clearly it isn't enough to soothe the Defense Department or security experts.
Shachtman, in his Wired article, asked Ryan Olson, director of rapid response for iDefense, whether banning external devices was "a bit of over-kill," and received the answer "I don't know." Olson did offer, though: "The USB ban should be effective in stopping the worm."
Perhaps the Defense Department should have taken its lead from what has been drummed into home computer users over the years: use anti-virus software and keep your definitions up to date.
What do you think?