Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
You are here: Home / Computing / Unisys Accused of DHS Cover-Up
Unisys Accused of DHS Breach Cover-Up
Unisys Accused of DHS Breach Cover-Up
By Richard Koman / CRM Daily Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
In 2006, hackers broke into Department of Homeland Security computers, copying and sending out data for hours at a time -- as long as five hours in one case. They cracked an administrator's password with privileges to modify files on thousands of DHS computers. And they began installing malware on dozens of computers, masking the intrusion and transferring files to a remote Chinese-language Web site.

According to a House committee investigation, DHS's security contractor, Unisys, failed to identify or stop these attacks -- and, to make matters far worse, tried to cover up its failures.

Unisys has a $1.7 billion contract to provide security for DHS networks.

"For the hundreds of millions of dollars that have been spent on building this system within Homeland, we should demand accountability by the contractor," House Homeland Security Committee Chair Bernie Thompson (D-Miss.) was quoted by the Washington Post as saying. "If, in fact, fraud can be proven, those individuals guilty of it should be prosecuted."

Failure and Cover-Up

Committee aides said the FBI is investigating Unisys for possible criminal fraud, but a bureau spokesperson declined to confirm the assertion.

According to a committee aide, in July 2006, a Unisys employee detected an intrusion but "downplayed it, and low-level DHS security managers ignored it." On September 27, 2006, DHS systems managers finally noticed that their machines had been accessed with hacking software. Then Unisys I.T. employees investigated and found the break-in dated back to June 13, affecting 150 computers.

Unisys was supposed to install seven intrusion-detection systems, the Post reported, but had only installed three by June 2006. It had failed to install them properly, so they were not providing real-time alerts, the committee found. A Unisys spokesperson was quoted by the Post as saying that "no investigative body has notified us formally or informally of a criminal investigation."

David Stephenson, principal of Stephenson Securities, a homeland security consultant, said in an e-mail that DHS shares some of the blame for the fiasco.

Tolerating Lapses

"Given the potential for serious security compromises, even a very short security breach, the contract with Unisys should have required a seamless process to immediately report the incident to higher-level DHS authorities," he said. The fact that the initial report only went to low-level employees is "an indication of a culture on both sides that tolerated lax reporting by the contractor and lack of attention by DHS personnel," he concluded.

Indeed, Thompson said he is "troubled" by DHS indifference to the problem.

A DHS spokesperson said the agency is complying with committee requests and is able to follow up on all security incidents. "We have today fully operational security operations capability. That means that every incident, no matter how small, is reported to our operations center," said spokesperson Russ Knocke.

The DHS hacks are part of an ongoing series of attacks that have hit the U.S. Defense, Commerce, and State departments, as well as installations in Europe, all involving Chinese-language computers.

Last year, Maj. Gen. William Lord, Director of Information Services and Integration in the Air Force Office of Warfighting Integration, said that China had transferred "10 to 20 terabytes of data" from the Pentagon's nonclassified network. "They are looking for your identity so they can get into the network as you. There is a nation-state threat by the Chinese."

Tell Us What You Think


Like Us on FacebookFollow Us on Twitter

Over the past decade, hospitals have been busy upgrading their systems from paper to electronic health records. Unfortunately, spending so much on EHR may have left insufficient funds for security.
The British government officially blamed Russia for waging the so-called NotPetya cyberattack that infected computers across Ukraine before spreading to systems in the U.S. and beyond.
© Copyright 2018 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.