[Infowarrior] - Hundreds of Laptops Missing at State Department
Richard Forno
rforno at infowarrior.org
Sun May 4 05:21:04 UTC 2008
Hundreds of Laptops Missing at State Department, Audit Finds
By Jeff Stein, CQ National Security Editor
http://www.cqpolitics.com/wmspage.cfm?docID=hsnews-000002716318
Hundreds of employee laptops are unaccounted for at the U.S.
Department of State, which conducts delicate, often secret, diplomatic
relations with foreign countries, an internal audit has found.
As many as 400 of the unaccounted for laptops belong to the
department’s Anti-Terrorism Assistance Program, according to officials
familiar with the findings.
The program provides counterterrorism training and equipment,
including laptops, to foreign police, intelligence and security forces.
Ironically, the Anti-Terrorism Assistance Program is administered by
the State Department’s Bureau of Diplomatic Security (DS), which is
responsible for the security of the department’s computer networks and
sensitive equipment, including laptops, among other duties. It also
protects foreign diplomats during visits here.
DS officials have been urgently dispatching vans around the bureau’s
Washington-area offices to collect and register employee laptops, said
department sources who could not speak on the record for fear of being
fired.
The inventory sometimes strips DS investigators of their laptops for
“days, or weeks,” they said.
The State Department’s Inspector General launched an audit of the
equipment about three months ago. Only the first stage, or inventory
of equipment, has been completed.
A State Department official referred all questions regarding laptop
losses to the Inspector General.
A senior IG official, asking not to be identified, said he could “not
comment on ongoing work.”
Nita M. Lowey , D-N.Y., who heads a House Appropriations subcommittee
that oversees State Department operations, said she was concerned
about the security revelations.
“The importance of safeguarding official laptops and office equipment
containing sensitive information is not a new concern,” she said
through a spokesman. “I intend to review the facts about this
situation.”
“Unaccounted for” does not necessarily mean the laptops have been
lost. But they are “missing” until they have been found or otherwise
accounted for.
Auditors found that the department had lost track of $30 million worth
of equipment, according to one official, “the vast majority of
which . . . perhaps as much as 99 per cent,” was laptops.
Calculating that the average State Department laptop costs $3,000,
another official said, hundreds, perhaps as many as a thousand, were
missing. It could not be learned how many employees have been issued
laptops.
On Feb. 6, the department’s Senior Assessment Team gathered at the
State Department headquarters in Foggy Bottom to discuss the security
of “personal identification information.”
The department’s official in charge of computer equipment, John
Streufert, warned the more than two dozen officials present that the
department did not have good records of its inventory.
A “significant deficiency” relating to laptops existed, Streufert
said, according to a source who attended the meeting.
Mark Duda, a representative of the Inspector General’s office at the
meeting, warned the managers that they needed to get on top of the
equipment issue before it “blows up.” He said a scandal loomed akin to
the one that engulfed the Veterans Administration in 2006, when news
broke that a VA official had taken home a laptop with the personal
records of 26 million veterans, where it was stolen.
The official who chaired the meeting, Christopher Flaggs, the
department’s deputy chief financial officer, also warned that
revelation of the laptop losses could develop into a “material
weakness,” an accounting term-of-art that essentially means
inventories are out of control.
“It’s the worst flaw you can have in management control,” one close
observer of the State Department’s problems said.
It would have to alert the White House Office of Management and Budget
(OMB) and Congress. There could be hearings, headlines, camera crews
on the doorstep of State Department officials.
That’s what happened in 1999, when a laptop containing the names of
foreign agents working for the U.S. government was stolen from the
State Department.
The security of laptops has vexed federal officials, as well as
private industry, for years. The CIA, FBI and other national security
agencies have all lost significant numbers of laptops containing
sensitive information.
More than a year ago, the administration’s Identity Theft Task Force
warned of security vulnerabilities within the government’s Internet
technology systems.
In May 2007, OMB had ordered all federal departments and agencies to
“develop and implement a breach notification policy within 120 days.”
Hints of the State Department’s laptop losses first surfaced March 31
in an anonymous post at an obscure Web site frequented by employees of
the Bureau of Diplomatic Security, called Dead Men Working.
“We’re not talking about a missing laptop or two,” said a poster who
identified himself as “Steve.”
“A Department-wide audit found hundreds of laptops unaccounted for and
identified DS, now rushing to close the barn door before the scandal
really breaks, as having the laxest control of any bureau in the
agency,” Steve wrote.
John Naland, a retired diplomat who is president of the American
Foreign Service Association, said the alleged losses were worrisome,
and perplexing.
“If the missing ones might have contained classified data, this could
be serious,” Naland said.
“At my last overseas post, we did not have any laptops,” Naland
continued. “But we sure did an annual serial number physical inventory
of computers. Sometimes our initial count came up with discrepancies,
but then we remembered that we returned one to Washington or whatever
and that cleared up the paperwork discrepancy.”
Jeff Stein can be reached at jstein at cq.com.
CQ © 2007 All Rights Reserved | Congressional Quarterly Inc. 1255 22nd
Street N.W. Washington, D.C. 20037 | 202-419-8500
More information about the Infowarrior
mailing list