DHS acknowledges own computer break-ins

[Guest guest]

http://news./s/ap/20070620/ap_on_go_ca_st_pe/dhs_computer_sec

urity

DHS acknowledges own computer break-ins

By TED BRIDIS, Associated Press Writer

2 hours, 39 minutes ago

WASHINGTON - The Homeland Security Department, the lead U.S. agency

for fighting cyber threats, suffered more than 800 hacker break-ins,

virus outbreaks and other computer security problems over two years,

senior officials acknowledged to Congress.

In one instance, hacker tools for stealing passwords and other files

were found on two internal Homeland Security computer systems. The

agency's headquarters sought forensic help from the department's own

Security Operations Center and the U.S. Computer Emergency Readiness

Team it operates with Carnegie Mellon University.

In other cases, computer workstations in the Coast Guard and the

Transportation Security Administration were infected with malicious

software detected trying to communicate with outsiders; laptops were

discovered missing; and agency Web sites suffered break-ins.

The chairman of the House Homeland Security Committee, Rep. Bennie

, D-Miss., said such problems undermine the government's

efforts to encourage companies and private organizations to improve

cyber security.

" What the department is doing on its own networks speaks so loudly

that the message is not getting across, " said.

Congressional investigators, expected to testify Wednesday during an

oversight hearing about the department's security lapses, determined

that persistent weaknesses " threaten the confidentiality, integrity

and availability of key DHS information and information systems, "

according to a new report from the Government Accountability Office

being released later in June.

The Homeland Security Department's chief information officer,

Charbo, assured lawmakers his organization was working to prevent

such problems.

" We need to increase our vigilance to ensure that such incidents do

not happen again, " Charbo wrote in testimony prepared for Wednesday's

hearing. " The department takes these incidents very seriously and

will work diligently to ensure they do not recur. "

The computer problems disclosed to the House Homeland Security

subcommittee occurred during fiscal 2005 and fiscal 2006, and

occurred at DHS headquarters and many of the department's agencies,

including TSA, the Coast Guard, Federal Emergency Management Agency,

Customs and Border Protection and others.

The subcommittee's chairman, Rep. Jim Langevin, D-R.I., said break-

ins to government computer networks and theft of information are " one

of the most critical issues confronting our nation, and we must deal

with this threat immediately. "

All the problems involved the department's unclassified computer

networks, although DHS officials also have acknowledged to lawmakers

dozens of incidents they described as " classified spillage, " in which

secret information was improperly transmitted or discussed over

nonsecure e-mail systems.