Slashdot Mirror


LANL, Sandia Report Losing Classified Data

dread minerva writes "This week, Los Alamos and Sandia National Laboratories publicly reported that sensitive material stored on removable data storage devices was missing." In Sandia's case, "According to the Las Vegas Sun, this 'prompted the lab to halt all classified work Thursday while officials conduct a wall-to-wall inventory of sensitive data.' Sandia also reported that a 'computer floppy disk was missing.' However, according to the Albuquerque Journal, 'lab officials said they don't believe it contains any weapons information or any other information that could harm national security,' only admitting that the material on the disk was classified. Due to these latest events, LANL has shut down all work on classified projects as of Friday." (Read more below.) Update: 07/17 21:21 GMT by T : A correction -- research was shut down only at LANL (not, as I mistakenly claimed, at Sandia) -- and an update: Sandia's missing disk was recovered.

"These snafus have led the government to open up the labs to defense-contracting bids for the first time in their 60+ year history (until now the labs have been run by UC-Berkeley). As NPR reported on Friday, the researchers at the labs were upset by this move, as they are afraid of the labs losing their academic nature. Perhaps the best question to ask in this situation is why these labs are still using removable data storage devices to store sensitive information."

(Other institutions, including The University of Texas system, are also angling for a share of the lab's management.)

17 of 149 comments

  1. Stale news... by jurgen · · Score: 4, Informative

    This is stale. They've already found the data again...

    See here.

    In any case it's not newsworthy.

    1. Re:Stale news... by unclem0nkey · · Score: 3, Informative

      Actually, 4 disks were found to be missing in the June 30th inventory check. Only 2 have been found and 2 are still missing.

  2. Classified Data by batboy78 · · Score: 5, Informative

    Technically anything that touches their Classified LAN is then considered classified to the highest level of the data on the system. Some tech could have brought in a new desktop background on floppy from the unclass side.

    "Oh my GOD where is my Britney Spears pictures!!!."

    1. Re:Classified Data by Anonymous Coward · · Score: 1, Informative

      Actually it is only classified if the disk is not write-protected. You can insert a write protected disk to copy unclassified information to a classified machine and then remove it as an unclassified disk.

  3. Why use removable media for sensitive information by multiplexo · · Score: 5, Informative
    Timothy writes:

    "...Perhaps the best question to ask in this situation is why these labs are still using removable data storage devices to store sensitive information."

    I worked on projects that collected classified data and spec'd systems with removable storage. The reason we used removable storage was because it was easier to get DISCO (Defense Industrial Security Clearance Organization, yes, that really is the acronym courtesy of the Department of Defense Overly Contrived Acronym Certification Agency (DODOCACA)) to certify a system for classified use if we could show that all of the storage could be removed from the system and securely stored. Of course this relies upon having people who aren't going to lose the secure storage, which is another thing entirely. Given advances in storage since the 1990s when I was administering such systems I'd be surprised if any classified system wasn't built around removable storage systems. You can get a 320Gb firewire disk for $350. Of course you could also do your work on laptops and then lock them in your classified safe at the end of the day too.

    --
    cheap labor conservatives - they want to keep you hungry enough to be thankful for minimum wage.
  4. Re:What? by Anonymous Coward · · Score: 1, Informative

    Classified storage media and classified information are two different things. When a floppy disk, hard disc, or any other media is marked classified, it means that it is used in a classified environment, not necessarily that there is any classified data on it. Since it's marked classified, it's treated as if the information contained on it is -- regardless of what's actually on it.

    Whenever a disk touches a classified machine, it automatically becomes as classified as the information on that machine -- again, regardless of whether or not the information you copied to that disk was classified or not.

  5. Re:What? by Anonymous Coward · · Score: 3, Informative

    I can't speak for this particular case, but in general it is due to the logistics of the security plan. Say I have a computer that is certified for processing classified data. Because there is classified information on that computer, any read/write media that is connected to the machine (harddrive, floppy, usb keychain, network) is now tainted and that piece of media is classified from that point out. Meaning that you cannot connect that media to any system that is not authorised for processing classified of the appropriate category, level, and need to know. And if you need to take some data from a classified system to an unclassified, you have to go through a formal review process to make sure everything is kosher. This makes it easy to know what the rules for dealing with classified computing are even if it is a bit over-stretching.

    So, what often happens is you have a project that is almost entirely unclassified except for a few sensitive bits, and you do most of your work on the unclassified systems. But when it comes time to do the classified bits you need to use a bunch of this unclassified data on the classified system, so you end up with two copies of the exact same data, one marked classified and the other unclassified.

    The data itself still exists in an unclassified form, and can still be gotten to via the FOIA (assuming other exemptions don't apply), but that particular instance of the data has to be treated as classified to make everyone's lives easier.

  6. Re:UPDATE: all of los alamos halts work by DeathPenguin · · Score: 3, Informative

    Nanos came in at a time when things were kind of getting lax in terms of security and safety practices. He's got a tough job ahead of him--Making 10,000+ employees follow the rules all at once with virtually zero margin for error is not an easy task. That's like expecting Microsoft to ensure that all copies of Windows are secured so that there are no more worms/trojans/viruses--It's a nearly impossible task given the numbers no matter how many resources are available. I think Nanos' attitude is right on--people tend to think that they can just get away with disregarding the rules and procedures, and it's time to weed out these people before UC loses the contract.

    On a side note, the stand-down on Friday was due to a safety incident (One major injury, no fatalities) that actually occurred Wednesday afternoon after Nanos' all-hands meeting.

  7. Sandia isn't run by UC by casuist99 · · Score: 3, Informative

    Sandia National Labs, unlike Los Alamos, is not run by the University of California system. Rather, Lockheed-Martin (and before that AT&T) ran the Labs after they were split from Los Alamos as a separate division.

  8. Re:What? by Anonymous Coward · · Score: 3, Informative

    You have to understand how security works. Having worked in a classified environment... anything that goes in that *might* be able to classified data, becomes classified. I remember in our classified areas, the only way I could bring OUT anything was if I had brought in an original say Visio CD or something, installed it, and left. And even then it was virus scanned with several different products by security, and I had to return that CD (yes, it was labelled "unclassified") to the security office.

    Removable storage is standard. They have large safes that everything with data on it gets locked up in when the last person leaves. All the machines used removable drive trays (naturally, those were marked "classified"). Floppy drives actually were disabled (cable yanked off) and the machine's cover had a security-seal taped on it so they would know if anyone tampered with it.

    Even if a machine *did* have a floppy drive, and you put a brand new floppy in, formatted it, and typed up your resume on it...that floppy was "classified" the moment it went in the door.

    Machines that got 'retired' (obsolete) had the CMOS chip removed, the RAM removed, the CPU removed, and any other parts that may 'possibly' hold data. They were crushed, and then incinerated.

    It's not about whether it ever actually *had* classified data on it or not, it's that it's a "storage device" that was *in* a classified area.

  9. Re:What? by addaon · · Score: 1, Informative

    Who ever said the data couldn't be used to threaten national security? There are other ways to threaten security other than just weapons data; infrastructure information, intelligence reports, and even science that nobody is quite sure what to make of at this point.

    From the summary: "lab officials said they don't believe it contains any weapons information or any other information that could harm national security"

    --

    I've had this sig for three days.
  10. Slashdot Article is Wrong! by BitchKapoor · · Score: 4, Informative

    What are you talking about, dread minerva? LANL isn't run by UC-Berkeley in particular, it's run by the University of California System. See the University of California office of the President -- "10 campuses, 5 medical centers and 3 national labs." Secondly, Sandia isn't run by the UC at all, it's run by Lockheed-Martin, and, as another poster pointed out, was previously run by AT&T. Jeeze, when one of your points is that there's a management problem, you'd think you'd actually check who the management is.

  11. Hey, at least now it's again being considered a... by Anonymous Coward · · Score: 1, Informative

    ...cause for alarm - as opposed to a political statement.

    From http://www.frontpagemagazine.com/Articles/ReadArticle.asp?ID=12701

    "Most notoriously, Clinton appointed an anti-military, environmental leftist Hazel O'Leary to be Secretary of Energy, a department responsible for the nation's nuclear weapons labs. O'Leary promptly surrounded herself with other political leftists (including one self-described "Marxist-Feminist") and anti-nuclear activists, appointing them as her assistant secretaries with responsibility for the security of the nuclear labs. In one of her first acts, O'Leary declassified eleven million pages of nuclear documents, including reports on 204 U.S. nuclear tests, describing the move as an act to safeguard the environment and a protest against a "bomb-building culture."

    Having made America's nuclear weapons' secrets available to the whole world including the al-Qaeda network, O'Leary then took steps to relax security precautions at the nuclear laboratories under her control. She appointed Rose Gottemoeller, a former Clinton National Security Council staffer with extreme anti-nuclear views to be her director in charge of national security issues. Gottemoeller had been previously nominated to fill the post--long vacant in the Clinton Administration--of Assistant Secretary of Defense for International Security Policy. The appointment was successfully blocked, however, by congressional Republicans alarmed by her radical disarmament agendas. The Clinton response to this rejection was to put her in charge of security for the nation's nuclear weapons labs."

  12. Re:Cursed iPods :) by Makoss · · Score: 2, Informative

    I'm aware that it was in jest, but I don't think iPods are much of a problem. As they and all other "personal electronic devices capable of transmitting information and/or data." are on the controlled articles list and are not permitted in a LANL security area.

    --
    Building a better backup.
    Zettabyte Storage
  13. Re:Never mind the data by greyguppy · · Score: 2, Informative
    "few terrorists with box cutters have got us to the state that the US government is now prepared to shoot down a commercial aircraft if its transponder and radio systems fail."

    At the risk of going slightly offtopic, I don't think that risk is too high. If a commercial airliner has lost all radio contact they would not be able to get through to air traffic control at the airport, making the landing dangerous. Under the new provisions military jets would be scrambled and attempt to divert the plane to a secure airbase by all means necessary.

    It is my understanding that there are universal visual signals such as "follow me" and if a commercial jet was really in such a situation they would follow their military escort, be guaranteed a clear landing and after interviewing the passengers and crew they would all be sent on to their destination (probably by bus). The political fallout from shooting down a passenger jet without warning would be unthinkable, and being landed in a secure military base would not be any terrorist's ideal outcome from a hijacking.

    As long as the pilot follows the visual signals from the air force they will not fire on the passenger jet.

  14. Re:Never mind the data by HeghmoH · · Score: 2, Informative

    Who needs the essential data to design a deep bunker buster bomb when help from an NZ cruise missile designer, a few kilos of plutonium, plenty of TNT and a good machine shop would allow you to build a weapon which, while it might not fission, would be able to kill large numbers of people a long way away?

    A dirty bomb has two main effects. First, it's a large explosion, just like a conventional bomb, and that blast can kill people. Second, people are incredibly afraid of "radiation" and "nuclear", so it has an incredibly huge fear factor, which is what terrorists aim for. The number of people who would actually be seriously injured or killed by the nuclear materials in any reasonable dirty bomb would be nearly insignificant. (I'm sure it would be significant to those affected, but the chemical explosives would kill many more.)

    --
    Mod down posts with a "Free Mac Mini/iPod" sig, they're spam!
  15. Re:Never mind the data by tftp · · Score: 3, Informative
    If a commercial airliner has lost all radio contact they would not be able to get through to air traffic control at the airport, making the landing dangerous.

    It is possible, but not very likely, to lose radio contact. A commercial aircraft usually has several generators (one per engine) and at least one battery. The battery is never used, except in emergencies. Normally all generators work and all the equipment is powered up. If one or several generators fail then automatically some equipment is disconnected, in order of importance. The radio stays on even if *all* generators fail (it is then powered from the battery, and will last for long enough to land the aircraft). The battery will also provide electrical power to the engines (fuel pumps etc.)

    In any case, if the radio indeed fails, the ATC on the ground will know it before even the pilots do. And as soon as pilots realize that they have no contact, they will take some safe course until instructed by any means possible to land. Any other aircraft may be instructed to approach and to lead them, not just a military one.