[Infowarrior] - DHS cybersecurity officer appointed while under federal investigation

Richard Forno rforno at infowarrior.org
Fri Feb 8 12:55:06 UTC 2008


Official named to cybersecurity post while still under federal investigation
By Chris Strohm  CongressDaily
February 7, 2008  

http://www.govexec.com/dailyfed/0108/020708cdam2.htm

The Homeland Security Department has appointed an official who is under
federal investigation to a key position overseeing a program worth
hundreds of millions of dollars to secure computer networks across the
federal government.

The Feb. 1 appointment of Scott Charbo, Homeland Security's chief
information officer, to be deputy undersecretary for the national
protection and programs directorate, drew immediate criticism from House
Homeland Security Committee Chairman Bennie Thompson, D-Miss., who was
familiar with Charbo's past.

In a letter to Homeland Security Secretary Michael Chertoff, Thompson
said an investigation conducted by his committee last year showed Charbo
failed to properly address computer security breaches within agencies
housed at department headquarters, along with incompetent and possibly
illegal activity by private contractor Unisys.

The incidents included the exfiltration of information from Homeland
Security Department networks to a Web-hosting service that connects
Chinese Web sites, according to Thompson's investigation.

The security breaches that occurred under Charbo's watch and the work by
Unisys are now under investigation by the FBI and the Homeland Security
Department inspector general, according to Thompson and congressional
aides.

The IG's office confirmed to CongressDaily that its investigation is
continuing. The FBI would not confirm or deny the existence of an
investigation.

Thompson asked the department's Office of Security to conduct an
investigation but has yet to get a briefing from officials despite
repeated requests.

Thompson said Charbo will be responsible for overseeing a critical part
of a massive cybersecurity initiative that the Bush administration has
launched.

Chertoff announced this week that the department is requesting about
$294 million in its fiscal budget request for its portion of the
initiative.

His department will secure computer networks across agencies under the
initiative, the details of which remain classified.

"Given his previous failings as chief information officer, I find it
unfathomable that you would invest him [Charbo] with this authority,"
Thompson wrote Chertoff on Feb. 1. "This decision raises concerns about
the seriousness of the administration's initiative."

Senate Homeland Security and Governmental Affairs Committee Chairman
Joseph Lieberman, I-Conn., did not criticize Charbo's appointment but is
"deeply concerned about vulnerabilities in the nation's cybersecurity,
as well as DHS' own systems," according to his spokeswoman.

"The committee, however, is conducting vigorous oversight of the
cybersecurity initiative to ensure successful deployment and efficient
spending of the increasing amount of money Congress has appropriated for
the program," she said.

The Homeland Security Department did not make Charbo available for
comment Wednesday.

A department spokeswoman issued a statement saying: "It is unfortunate
that the chairman [Thompson], who has often criticized the department
about vacancies in key leadership positions and the state of morale, has
once again chosen to make a personal attack on a department employee who
has demonstrated over a number of years his able and dedicated service
to this nation."

Charbo was appointed chief information officer in 2005 and later became
the department's acting undersecretary for management. None of the
positions, including the most recent one, required Senate confirmation.

The spokeswoman said Charbo has "invaluable management skills" and "made
impressive progress" on securing computers and networks while
institutionalizing "rigorous network security and data and privacy
protection programs."

She added that the department takes Thompson's allegations "very
seriously" and has provided every incident report to the department's
security operations center, as well as to the House Homeland Security
Committee when requested.

"The vast majority of these incidents were minor in nature and were
resolved quickly, often within hours," she said. "Every incident report
has been provided to Chairman Thompson's committee and more than 97
percent of all incidents reported have been closed."

Thompson has claimed that Unisys employees provided "inaccurate and
misleading information" to Homeland Security officials about the source
of attacks and attempted to hide security gaps.

A Unisys spokeswoman referred to a statement the company issued in
September in response to Thompson's allegations about the firm, when
they were first reported by the Washington Post.

"Unisys vigorously disputes the allegations . . . ," the company said.
"Facts and documentation contradict the claims described in the article,
but federal security regulations preclude public comment on specific
incidents."

The statement said the company routinely follows prescribed security
protocols and had properly reported incidents to the Homeland Security
Department.

The department rebid its contract for computer and network security for
headquarter agencies in the fall. Unisys submitted a bid but did not
win. Instead, a contract worth $362 million was awarded to Lockheed
Martin Corp., a Homeland Security spokesman said.
