Monday, February 14, 2005

Were Are DOE's Missing DIsks?

From Anonymous:

Here's the most frightening aspect about the whole LANL mess. Eventually,
the odds are we'll have another safety or security violation. It happens
even in the best Agencies, and the statistical odds are that it will happen
here at some point. In most places, such an incident would be taken in stride
and proper corrective actions would be made. But when it happens here, we could
become "Rocky Flats II". Don't think for a moment that LANL is too important
for Congress not to shut us down. Rocky Flats was a one-of-a-kind facility
doing strategic national defense work, yet it was closed for good by the Feds.
Congress can rationalize that even with Los Alamos shut down, they can still
use Livermore for doing most of their DOE defense R&D work, plus save some
much needed cash to boot.

Thanks to Nanos, the Press, and some in Congress and the DOE, we are now
being held to standards that are almost sure to trigger a future "incident".
It's become a stacked deck against us. Is it any wonder that the staff is
totally demoralized and ready to jump ship? One might as well head for the
Titantic's life boats while there is still room to get on. Why wait for
the panic of the crowds near the end?

The thing that makes me most angry about this situation is that our top
management does almost nothing to defend us. For example, I've observed many
other Federal agencies never bother to inventory and bar-code classified
media starting at the secret level. At least LANL knows when this media is
missing. These other Agencies have no system in place to even identify the
problem! Why can't Nanos and company at least lift a finger to educate the
Press and Congress on these matters? He worked in the Navy -- did he see
them bar-code and inventory all their secret level floppies (I doubt it!).
And as far as the safety incidents go, many of them, like the famous "13kV"
substation incident that Nanos is so fond of telling, actually involved
local subcontractors who are hired by LANL contractors to do demolition work.
They are NOT caused by UC staff. They are caused by subcontractors to the
contractors to the Lab. Funny how Nanos never bothers to mention this little
fact when he spouts out his safety "horror stories". I wonder why this is?

And speaking of missing media, why is it that we have heard nothing further
about the classified disks that DOE announced were missing from their
Albuquerque office. We found ours (it was an accounting error). What about
these DOE disks? It's high time for some DOE confessions on this matter.


Comments:
Hmmm, I wonder just what kind of cybersecurity those Navy guys really practice? According to this post (somewhat dated) from InfoSec News, it's not very good at all:


[ISN] Re: Stolen Navy Laptop
.

* To: InfoSec News <[EMAIL PROTECTED]>
* Subject: [ISN] Re: Stolen Navy Laptop
* From: mea culpa <[EMAIL PROTECTED]>
* Date: Sun, 23 Aug 1998 19:51:02 -0500 (CDT)

.


[Moderator: End of thread.]

Reply From: [EMAIL PROTECTED]

I was in the Navy for 12 years, and got out last year. My last duty
station was on a Submarine at Norfolk, and I can tell you that many of the
PCs, even laptops, had classified information on them. The requirement for
removable hard drives was only applied to the most sensitive of data, such
as Top Secret SCI and Crypto. Most of the officers' laptops were used for
preparing briefings, were cleared for, and contained Secret material. I
would not be surprised at all if some even contained some Top Secret
material that they had used for a briefing. Many of the officers were
overworked, and not that computer literate. So, even if they did not save
the data to the Hard Drive, the cache may very well have the data.
I was the Assistant Security Officer, and know for a fact that even though
the machines might not be cleared for Secret material, they often were used
for it. And since the officers were in charge, and had the backing of the
Commanding Officer, nothing was done about it. It would have been
EXTREMELY easy for me to walk off of that submarine at any time with a
laptop carrying classified data.
 
The Army's official SOP for operating classified systems at the Secret level has a section called "Removable Magnetic Media". It says nothing about bar-coding their classified media. Guess they don't bother to track it. I wonder how they know when something is lost or stolen? If an enemy was able to get a battle plan, as a soldier, I would want to know that they had it, for sure.

http://www.globalsecurity.org/military/library/policy/army/fm/24-7/appa.htm
 
Post a Comment

<< Home

This page is powered by Blogger. Isn't yours?