Sunday, February 13, 2005

NNSA's View on NNSA


SANTA FE NEW MEXICAN
February 13, 2005

Learning lessons from LANL


Diana Heil | The New Mexican


Although it appears no weapons designs have fallen into enemy hands in recent years, the federal government remains deeply concerned by failures in security management at Los Alamos National Laboratory.

A senior official with the National Nuclear Security Administration in Washington, D.C., which oversees security at the lab, admitted last week that the agency hasn't been doing its job there.

Bill Desmond, acting associate administrator for defense nuclear security, said neither NNSA nor the lab was aware of the extent to which lab employees disregarded security procedures until two classified computer disks were thought to be missing this summer. An inventory showed that large amounts of top-secret material -- besides the pair of disks -- were not properly tracked.

Desmond took personal responsibility for the fact the agency did not know the lab lacked effective procedures to protect classified material. In an interview, he said NNSA's Los Alamos office "didn't have the people (in both numbers and expertise) to look at incidents in the detail that we think incidents should be reviewed at the site office."

NNSA, a semiautonomous agency in the U.S. Department of Energy, was created in 2000 after the Wen Ho Lee nuclear-secrets scandal to try to reduce security lapses at the nation's nuclear-weapons laboratories.

A search for the missing disks exposed the deficiencies in the security procedures and led to an unprecedented, six-month stand down at the facility that cost taxpayers approximately $1 billion. All employees set aside normal work, for weeks or months, to focus on safety and security matters.

The investigation, which recently concluded the missing disks never existed, disclosed that NNSA, the University of California, DOE and other agencies had substantial evidence Los Alamos was having trouble following safety and security procedures prior to the missing-disk incident.

According to the report:

• In the first six months of 2004, top-secret data was transmitted via e-mail 18 times at LANL, more than the three other labs combined.

• The Defense Nuclear Facilities Safety Board, a federally funded group that tracks problems on a weekly basis, notified DOE and LANL that 32 percent of all nuclear-safety complaints filed between 2002 and 2004 concerned Los Alamos.

• The fines levied by the federal government against the lab were four times the total assessed against all other NNSA facilities.

• Los Alamos' combined injury and near-miss rate exceeded that of the other three labs, although the difference might be related to the greater complexity of operations at LANL.

Further evidence of security breakdowns emerged from a report on violations over three years at the nation's four nuclear-weapons labs prepared at the request of The New Mexican. It revealed 74 violations considered to potentially pose the most serious threats to national security. Of those, 35 took place at Lawrence Livermore National Laboratory in California; 22 at Los Alamos.

But few of these lapses resulted in top-secret information getting to an unauthorized person. In many instances, the violations are as simple as a guard falling asleep, a vault left unlocked overnight or a visitor bringing a camera into a restricted area.

In 10 cases, however, secret information was disclosed, but all were low-impact and occurred inside a DOE institution, according to NNSA.

A typical example would be an instance when a lab secretary, who does not hold a security clearance, inadvertently sees top-secret information.

Of the four facilities, only Sandia's two labs in Albuquerque and Livermore, Calif., listed the number of times classified information got to unauthorized people.

On Friday, NNSA said that, over the three years, there were four disclosures of classified information at both Los Alamos and at Lawrence Livermore.

Another 60 incidents of all types are still under investigation, but none of those is believed to be serious.

When lab workers, after-hours security forces, the NNSA site office or others suspect classified material has been compromised, the facility where the lapse occurred has 24 hours to categorize the incident according to level of threat and report the three most serious levels to the NNSA.

Other layers of protection usually keep security lapses from becoming a dangerous affair, said Ron Detry, chief security officer at Sandia National Laboratories in Albuquerque. It's like in your home, he said. If you forget to lock the door, you might have other defenses in place: a locked gate and a guard dog, for instance.

"NNSA is concerned whenever there is a security incident," said Desmond of the NNSA. "However, we have a process in place -- the incident-reporting process -- which allows us, our site offices, our contractors to address each and every security incident. And we're satisfied the process works reasonably well. We don't establish a goal because any incident is not acceptable."

But NNSA said it has learned a lesson -- it will no longer rely on documents to gauge the work of site offices scattered across the country. It has relied on each lab's self-assessment, each site office's annual security survey of its lab and on visits every two years from Energy Department investigators.

This year, Desmond plans to organize a group to review, in person, whether the site offices around the country are carrying out their responsibilities, he said.

Meanwhile, security specialists are gradually being added to Los Alamos' site office.

Although Desmond is concerned Los Alamos' site office hasn't been aggressive enough in tracking security at the lab, he believes, in general, that the agency's larger program is a good one.

The lab and the site office declined comment for this story.


Comments:
Diana, I suggest you research the following very carefully.

• In the first six months of 2004, top-secret data was transmitted via e-mail 18 times at LANL, more than the three other labs combined.

1. Did someone from NNSA say top secret or just secret?

2. Did someone from NNSA tell you that LANL and LLNL have different metrics for reporting this problem? At LANL any email that might contain classified information that is sent on the unclassified network is reported. At LLNL only that email which leaves LLNL is reported. Of course, it's impossible to determine if the mail leaves LLNL so LLNL probably under-reports.

3. "Further evidence of security breakdowns emerged from a report on violations over three years at the nation's four nuclear-weapons labs prepared at the request of The New Mexican. It revealed 74 violations considered to potentially pose the most serious threats to national security. Of those, 35 took place at Lawrence Livermore National Laboratory in California; 22 at Los Alamos." This paragraph contradicts the paragraphs that claim that LANL is worse than LLNL.

Note that NNSA does not have standard reporting requirements for all national labs so each lab can report problems in a way that makes them look less bad.
 
Post a Comment

<< Home

This page is powered by Blogger. Isn't yours?