DoE inspector general rips into Los Alamos
Gregory Friedman notes severe inadequecies in cybersecurity and document management procedures; recent breaches spark review and needed changes; a look back in time shows security a longtime problem at the lab; reminiscing with Richard Feynman presents needed context
In a two-page memo filed this week, Department of Energy Inspector General Gregory Friedman severely criticized security procedures at Los Alamos and questioned the efficiency of a recent security upgrade costing tens of millions of dollars. His ire was particularly piqued by a recent episode in which a classified documents were discovered by police while raiding the home of lab employee to search for drugs. In addition, Friedman cited inadequate cyber-security controls and inadequate monitoring by federal officials as inexecusable lapses. Security at Los Alamos, readers may recall, has always been questionable — exactly why the lab’s security management was recently put out to bid.
Since the drug/classified documents breach, Los Alamos has taken a number of steps toward improved security, including: a ban on portable electronic storage devices in classified computing areas, the suspensiion of all classified scanning activities, and an increase in physical searches — with random searches occuring an average of more than 100 times daily. “Unfortunately we cannot correct the errors of the past. But we will learn from this incident and we will do better,” said Energy Secretary Samuel Bodman in response to the memo.
Further reading….
Readers interested in the history of security at Los Alamos could not do better than to consult Richard Feynman’s autobiographical account in Surely You’re Joking, Mr. Feynman. Feynman worked there during the Manhattan Project and was an inveterate prankster. At one point, we recall, he realized that the safes in the lab offices were extremely easy to breach. Not willing to give up his secret method, however — especially after his superiors told him the safes were invulnerable — he managed to give the impression that his was a complicated technique:
I’d put a screwdriver in my back pocket to account for the tool I claimed I needed. I’d go back to the room and close the door. The attitude is that this business about how you open safes is not something that everybody should know because it makes everything very unsafe. So I’d close the door and then sit down and read a magazine or do something. I’d average about 20 minutes of doing nothing, and then I’d open it. Well, I really opened it right away to see that everything was all right, and then I’d sit there for 20 minutes to give myself a good reputation that it wasn’t too easy, that there was no trick to it. And then I’d come out, sweating a bit, and say, “It’s open. There you are.”
-read more in this AP report