By ROGER SNODGRASS
Monitor Assistant Editor
November 30, 2006
A special inquiry into the most recent security breach at Los Alamos
National Laboratory has uncovered "significant deficiencies and
vulnerabilities that need to be addressed," said Energy Secretary Samuel
Bodman in a statement Tuesday.
On Oct. 17, police investigators found classified material in the Los
Alamos mobile home of a former employee of a laboratory contractor.
During a follow-up search images of apparently classified documents were
found on a jump drive and several hundred hardcopy pages of laboratory
documents with classified markings were recovered, according to the
results of the special inquiry.
The case is in the hands of the Federal Bureau of Investigation, but
Bodman also requested the department's Inspector General, Gregory H.
Friedman, to conduct a special inquiry last month.
The results, Bodman said, contain information that cannot be disclosed
to the public. But because of public interest, in the matter, he decided
to release the cover letter from the IG's report.
Friedman's overview bulleted three flaws he considered serious:
* In a number of key areas, security policy was non-existent, applied
inconsistently or not followed;
* Critical cyber security internal controls and safeguards were not
functioning as intended; and
* Monitoring by both laboratory and federal officials was inadequate.
"Regardless of the outcome of the FBI investigations, just the
unauthorized removal of the classified material from the lab marks a
significant breach of security protocol and of the public trust," Bodman
wrote. We cannot correct the errors of the past. But we can learn from
this incident and we will do better."
LANL Director Michael Anastasio released memorandum he sent to all
employees Tuesday, with an update an actions that have been taken in the
response to the security breach.
That response has so far included a presentation of a list of short-term
improvements and establishment of a security action team headed by
Principal Associate Director for Operations Jan Van Prooyen.
Anastasio recounted the immediate efforts, including a list of reviews,
restrictions and engineered controls in the classified computer area.
Another layer of security has been added, Anastasio indicated, including
a pause in all scanning of classified documents, an enhanced procedure
for physical searches and more random searches - now averaging 100 a
The laboratory has brought in cyber-security experts from the partner
companies of the management entitity, Los Alamos National Security, LLC,
and their recommendations will be reviewed and incorporated into a new
set of policies and procedures.
Since the current breach apparently caught the laboratory inadequately
prepared to deal with new memory devices like memory sticks and iPods
and easy transfer devices like flash drives, the managers have also
chartered a Red Team of experts to provide technical advice for avoiding
the next generation of security risks.
A spokesman for the secretary said that policy related to security
liabilities by laboratory contractors is being assessed. DOE's Craig
Stevens said the secretary expected results.
"We recognize this is a new contractor that has only been on the job a
couple of months. We didn't expect all the problems to suddenly go
away," he said.
"The secretary has laid it at the feet of the laboratory to get the lab
fixed," he said, adding that more would be expected than "wringing of
hands and paperwork and setting of policy."
Sen. Pete Domenici, who chairs the Senate Energy and Water Committee,
responded to the announcement with a prepared statement this morning.
"I will review this classified report and will work to ensure the lab
and Energy Department implement previously proposed reforms that have
yet to be fully implemented, as well as immediately act to execute the
new procedures and practices identified by the IG," he said. "I believe
Secretary Bodman and Lab Director Mike Anastasio take these matters
seriously and will work to put these recommended reforms in place."
Bodman's announcement said he has directed the department's Chief
Information Officer Tom Pyke to follow up as appropriate on the IG
report in upgrading the department's cyber security policies and
As was the case, during the false security breach that shut the
laboratory down for several months starting in July 2004, the department
will take the opportunity to assess the policies and procedures
"complex-wide" - in this case, for "issuing and maintaining personnel
Subscribe to InfoSec News