GAO again fails Energy security
- By Judi Hasson
- Jul 03, 2000
The Energy Department was forced to take two of its laboratories off the
Internet for as long as a week after hackers attacked computer systems at
least four times, the General Accounting Office said in a report made available
on June 30.
The report gave DOE another flunking grade for not providing adequate
security defenses, this time for its unclassified civilian research files.
A review of security found that DOE facilities had weak spots just waiting
to be attacked, the report stated.
"The DOE laboratories have become a popular target of the hacking community,"
the report said. The number of incidents has increased dramatically, from
less than 500 to 3,000 between 1997 and 1999.
Rep. F. James Sensenbrenner Jr. (R-Wis.), chairman of the House Science
Committee, said Congress is losing patience with DOE's security problems.
The latest report comes in the wake of disclosures that classified computer
drives were missing and then found at the Los Alamos National Laboratory
in New Mexico.
"Cutting off access to the Internet to DOE scientists for days on end
or exposing experimental data to tampering or theft because of poor computer
security is simply unacceptable," Sensenbrenner said.
The report said DOE did not have a clear policy regarding what information
should be accessible to the public. It also found there were no security
plans for 17 of the 20 major systems reviewed by GAO. "IT security policies
have not been enforced," the report said. "And incidents are not consistently
Energy Department officials had no immediate comment.