AOH :: ISNQ4630.HTM

Report: FBI's Internal Security Lacking




Report: FBI's Internal Security Lacking
Report: FBI's Internal Security Lacking



http://www.cbsnews.com/stories/2007/10/01/national/main3315140.shtml 

Oct. 1, 2007

(CBS/AP) More than six years after the most damaging FBI spy case in 
U.S. history, the arrest of turncoat Robert Hanssen, and a more recent 
case involving an FBI analyst in New Jersey, the FBI's internal security 
system still has major "vulnerabilities," according to the latest report 
from the Justice Department's inspector general.

CBS News reporter Stephanie Lambidakis says most of the report is 
classified, but a 46-page summary concludes, "the FBI must recognize the 
very real possibility that a spy could be working within the FBI's 
ranks."

After fighting with DOJ for several years, the FBI recently agreed to 
fix two glaring weaknesses: the need for a new unit which focuses 
exclusively on "detecting whether the FBI has been penetrated," and the 
placement of an operational outsider - from the FBI or other 
intelligence agency - given the FBI's refusal to consider that an FBI 
agent could be compromising the country's most valuable intelligence and 
military secrets over a 20-year period.

The report also found that the FBI's program to review suspicious 
employees periodically over their years of service also remained spotty 
because it hadn't created full case files on them. This was due at least 
in part to faulty technology, it said.

"While the OIG found that some of the recommendations had not yet been 
implemented, we continue to concur with all the recommendations made by 
the original report," replied the FBI in a statement.

The investigation by IG's office sought to examine the extent of 
internal security at the nation's lead law enforcement and domestic spy 
agency following the 2001 capture of Hanssen, who admitted spying for 
Moscow for cash and diamonds over two decades.

The most interesting part of the report, says Lambidakis, is the section 
on Philippine native Leandro Aragoncillo, an analyst at the FBI's Fort 
Monmouth Information Technology Center in New Jersey, who pled guilty in 
May 2006 to four charges, including transmitting national defense 
information to try to destabilize the Philippine government. A tick-tock 
on pages 30-38 details repeated instances of suspicious behavior by 
Aragoncillo which didn't trigger alarm bells - including an FBI employee 
who saw files about "Philippines" and "corruption" on Aragoncillo's 
computer screen, subjects far outside his duties.

In addition, Aragoncillo had debt, he used his private cell phone at the 
same time each morning and never used it in the office, and he lied 
about having family members who still lived in the Philippines.

For eight months, there was no follow-up until another agency's 
investigation led to Aragoncillo's discovery.

ICE, the Immigration and Customs Enforcement agency, "contacted the 
FBI's New York office to inquire about Arancillo's involvement in an 
immigration matter involving Michael Ray Aquino, a former high-ranking 
Philippine police official who was later prosecuted with Aragoncillo as 
a co-conspirator of FBI information," said the report.

As an FBI security officer remarked, "It seems like we dropped the ball 
in a big way."

"We do not know whether Aragoncillo would still have been hired or his 
espionage prevented if the personnel security specialists had performed 
their jobs competently," states the report by Inspector General Glenn A. 
Fine. "However, the failures in the personnel security process should 
not have occurred."

"We believe the FBI must be vigilant in attempting to deter and detect 
the internal penetrations that have occurred in the past and that may 
occur in the future," the report said.

The Office of the Inspector General does praise the FBI for widespread 
security improvements, especially in areas such as polygraphs and 
re-investigations. The number of FBI employees and contractors subject 
to random polygraphs has mushroomed from 550 to 18,384.


5B
__________________________________________________________________      
CSI 2007 is the only conference that delivers a business-focused
overview of enterprise security. It will convene 1,500+ delegates,
80 exhibitors and features 100+ sessions/seminars providing a
roadmap for integrating policies and procedures with new tools
and techniques.  Register now for savings on conference fees   
and/or free exhibits admission. - www.csiannual.com 

Site design & layout copyright © 1986-2014 CodeGods