Ex-CIA chief compromised secrets

[William Knowles <wk () C4I ORG>]

http://www.washtimes.com/national/default-2000101222101.htm

October 12, 2000

By Bill Gertz
THE WASHINGTON TIMES

Former CIA Director John Deutch compromised some of the most sensitive
defense programs by improperly transferring data about ultrasecret
Pentagon programs to computers he used to send e-mail and access the
Internet, The Washington Times has learned.

The compromises occurred sometime after 1994 and have raised fears
among Pentagon security officials that foreign governments obtained
access to the "crown jewels" of the Pentagon's secret weapons,
intelligence and military programs, according to defense officials.

Mr. Deutch is suspected of using the Internet to send the secret
information on so-called special access programs (SAPs) over the
commercial Internet service provider America Online as part of a
1,000-page personal journal he produced during his tenure as deputy
defense secretary from 1994 to 1995 when he also was director of the
Pentagon's Special Access Program Oversight Committee (SAPOC).

As the head of SAPOC, Mr. Deutch sat at the pinnacle of the defense
secrecy system involving hundreds of special access programs and
ultrasensitive information ranging from exotic weapons development to
secrets used during war-fighting operations.

The officials provided new details of the compromised programs to
highlight what they say is an effort to cover up the security breaches
to avoid the political embarrassment for a high-ranking Clinton
administration official during the presidential-election campaign.

The Senate Intelligence Committee has completed a report on the CIA's
handling of the Deutch security breach, but release of the report is
being delayed by Sen. Carl Levin, Michigan Democrat, who is
challenging its findings, according to congressional sources.

The Pentagon officials said the compromises are based on a "worst
case" estimate that information requiring extraordinary secrecy has
been released improperly or gathered clandestinely by foreign spies.

"We don't know the full extent," said one official. "But until we do,
you have to assume there were serious compromises."

A second defense official said: "A security and counterintelligence
investigation is needed to determine where is the information, and a
damage assessment is needed to determine what has been compromised."

Officials said the case is potentially the most damaging security
breach in the Pentagon's history because of the secrets involved.

For example, special access programs include vital defense information
used during wartime. During the Persian Gulf war, one special access
program was set up to protect information about a flaw in a
foreign-built radar system used by the Iraqi military, which provided
a major advantage to U.S. allied military forces during the conflict.

The officials said the compromises are not being investigated by
security and counterintelligence officials at the Pentagon or the FBI.

The failure to aggressively pursue the security breaches has led some
officials to question whether the matter is being covered up by the
Pentagon in order to protect Mr. Deutch, who became CIA director in
1995 and left after being passed over for a senior post in the second
Clinton administration in 1996.

Pentagon spokesmen have said a damage assessment is under way but that
it has been stymied by Mr. Deutch's refusal to cooperate in turning
over computer disks.

Spokesman Kenneth Bacon said no one in the Pentagon has covered up the
security breaches by Mr. Deutch.

Officials do not know why Mr. Deutch produced the secret personal
journal.

However, the biggest fear is that Mr. Deutch has used the information
with his international consulting firm, or will do so in the future.

Mr. Deutch is currently a co-chairman of the advisory council for
Intellibridge Corp., a District of Columbia-based global intelligence
and information service for corporations. The company was originally
called Newmarket. The board co-chairman is former White House National
Security Adviser Anthony Lake. Other board members include former
high-ranking U.S. and foreign government officials.

The Intellibridge Internet site states that the company "is a
strategic knowledge tool providing a total information and
intelligence solution for the international corporation." A spokesman
for the company confirmed Mr. Deutch is on the advisory board.

Pentagon documents obtained by The Times show the Pentagon waited 20
months until February 2000 before initiating an inquiry into the
security breach. The Pentagon was first informed in June 1998 by CIA
investigators that special access program data was found on Mr.
Deutch's unsecured computers, the documents state.

A draft Pentagon inspector-general report on the Deutch matter also
said that Mr. Deutch used seven U.S. government-owned Macintosh
computers to write "a journal that contained classified information on
unclassified computers both at his residence and his office."

Some of the computers "were used by Dr. Deutch and his family to
access his [America Online] account," the report said.

The documents were first disclosed by National Journal magazine.

As for his use of America Online and the Internet, the report stated
that "using computers in this manner was extremely risky in that a
computer 'hacker' could have gained on-line access to Dr. Deutch's
computer and the information stored in temporary files on the hard
drive, including the journal."

Mr. Deutch could not be reached for comment and his attorney, Terry
O'Donnell, did not return telephone calls.

According to a 1998 Pentagon memorandum, Mark W. Spaulding, who
investigated Mr. Deutch for the Pentagon, said after a CIA briefing on
the case that Mr. Deutch's unsecured computers "were regularly used in
connection with his AOL account and thus may have been used to
transfer such information without regard to proper security
procedures."

The information contained in the personal journal included "Top Secret
and Top Secret Compartmented, as well as DOD Special Access Program
information," Mr. Spaulding wrote.

According to Pentagon spokesmen, the current investigations are
limited to a review of information involved in the case and an
inspector general inquiry of computers and storage media.

Pentagon spokesman Adm. Craig Quigley told reporters on Tuesday that
key information contained on the computer diskettes held by Mr. Deutch
has "not been recovered."

Asked later if the information was transmitted over the Internet, Adm.
Quigley said officials suspect it was.

As for security compromises, Adm. Quigley said: "Well, it's something,
I guess . . . that you never know until you have it."

However, another defense official stated flatly: "The [special access]
programs are compromised. The only question is whether foreign
intelligence services have the information or will get it."

The officials said Mr. Deutch would type notes into an unsecured
laptop computer after secret briefings on various special access
programs he was overseeing at the director of SAPOC.

Officials believe Mr. Deutch then sent e-mail copies of the notes to
himself and later retrieved them using computers at his home.

"We know that foreign intelligence services routinely monitor the
Internet for just such material," the defense official said. "And AOL
is a major target."

In particular, Russia's electronic eavesdropping service monitors all
electronic messages sent through Internet servers in Russia. China's
intelligence services have similar filters that are used to monitor
Internet message traffic.


*==============================================================*
"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
================================================================
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".