Information Security News mailing list archives
Chat Room Penetrates CIA Net
From: William Knowles <wk () C4I ORG>
Date: Sun, 12 Nov 2000 03:47:20 -0600
http://washingtonpost.com/wp-dyn/articles/A64444-2000Nov11.html By Vernon Loeb Washington Post Staff Writer Sunday, November 12, 2000; Page A10 The CIA is investigating 160 employees and contractors for exchanging "inappropriate" e-mail and off-color jokes in a secret chat room created within the agency's classified computer network and hidden from management. CIA spokesman Bill Harlow said the willful "misuse of computers" did not "involve the compromise of any classified information." But the probe, nearing completion, involves employees at all levels of the agency, including some senior managers, and most likely will result in at least a few firings, agency officials said. "The serious thing for us is people willfully misusing the computer system and trying to hide what they were trying to do," said one intelligence official. "If they were doing this with the KGB's computer system, we'd be giving them medals. Sadly, it was ours." The House and Senate intelligence committees have been briefed about the secret chat room, which CIA investigators discovered while performing routine security checks, according to Harlow. "Investigators uncovered evidence of long-term misuse involving multiple violations of CIA computer regulations," Harlow said. An internal notice sent to all employees in May said, "This activity has apparently been taking place for some time and involves the use of unauthorized chat rooms and data bases in an apparent willful misuse of the agency's computer networks. Indeed, it appears that this group went to great lengths to conceal these actions. . . . Any attempts to alter or delete information on agency computer networks related to this investigation . . . could amount to a violation of federal criminal law." Since then, all 160 employees and contractors who participated in what officials describe as an "invitation only" communications channel have been interviewed and given five days to explain their conduct in writing. Several officials, including members of the Senior Intelligence Service, a cadre of career officers at the upper reaches of the civil service system, have been suspended with pay for the past six months while senior CIA officials try to determine what punishment is appropriate. Robert D. Steele, a former CIA case officer with extensive ties to the agency, declined to name any of those involved but described two of the most senior officials under investigation as "innovative, out-of-the-box, unconventional thinkers--these are essentially the hackers of the CIA, in the most positive sense of the word." One Capitol Hill source who has been briefed on the probe said it involves "some pretty clever people who know how to use computers creatively." The source said he thought the employees involved showed "bad judgment" and added that CIA officials have responded appropriately. But one recent CIA retiree with knowledge of the probe said employees who face disciplinary action and even dismissal have been investigated far more aggressively than former CIA director John M. Deutch, who admitted drafting top-secret cables on unsecure home computers and was stripped of his CIA security clearances last year. "Most of the employees involved are likely to have a letter of reprimand placed in their personnel file, which will quash their chances for promotion for at least a year and may adversely affect future assignment prospects," the CIA veteran said. The former officer said that by giving those under investigation only five days to respond to the charges against them, the CIA has "effectively denied them the opportunity to seek legal counsel," because lawyers typically must wait for months to obtain security clearances necessary to represent agency personnal. The former officer also said he doubts whether employees under investigation really were exchanging "secret" communications, because all senior CIA managers have a software program called "Shadow" that enables them to "remotely monitor every keystroke that their employees make." "It seems highly suspicious that all of those supervisors, not to mention the numerous component network administrators and security personnel, were unaware over a period of years of illicit computer usage by a group of 160 personnel," the former officer said. A CIA official responded that employees under investigation were operating beyond the normal reach of computer systems administrators. "These people were technically adept, and they went to great lengths to ensure that their efforts were not known to systems administrators. There are ways of monitoring things--if you know there is something to be monitored." In some of the e-mails reviewed by investigators from the CIA's Center for Security, the official said, those involved even wrote messages to the effect that, "If they ever catch us doing this, we'll be fired." The investigation is only the latest in a series of incidents involving misuse of computers at the CIA. Deutch's home computer security violations, discovered by CIA security officials when Deutch stepped down as director in December 1996, triggered a firestorm on Capitol Hill this year after a classified report by the CIA's inspector general was leaked to the media. The report concluded that CIA Director George J. Tenet and other senior officials did not adequately investigate and punish Deutch's security violations. The report also concluded that Deutch exposed highly classified intelligence to hacker attacks by drafting memos on three unsecure home computers linked to the Internet. In November 1996, one month before Deutch's violations were discovered, a CIA senior intelligence analyst was found to have written a document with the highest level of classification on his home computer, which was connected to the Internet. As in Deutch's case, members of the analyst's family had access to the computer. The analyst was demoted in rank and salary, given a letter of reprimand barring raises for two years, and suspended without pay for a month. After the suspension, the analyst's clearances were restored, and he retired from the agency a year later. Another CIA employee alleged in a lawsuit filed last year by Roy Krieger, an Alexandria lawyer, that she was disciplined for a "major lapse of CIA security" after the CIA sold 25 laptop computers at public auction "while still containing Top Secret information on their respective hard drives." The employee's complaint alleged that the security lapse was not detected until months later, when a private purchaser reported finding classified files in one of the computers. *==============================================================* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen Alfred. M. Gray, USMC ================================================================ C4I.org - Computer Security, & Intelligence - http://www.c4i.org *==============================================================* ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- Chat Room Penetrates CIA Net William Knowles (Nov 13)