The Science of National Insecurity at the Los Alamos Lab

by Davey Winder

Sunday, 28 September 2008

Page 1 of 2 ! The Los Alamos National Laboratory is one of those secret squirrel national security research outfits the United States loves so much. It covers the little stuff like the safety and reliability of the nuclear deterrent. You might think it would be able to secure itself properly then... There are times when, working as an observer of all things IT security, my mood goes beyond one of despair and starts to creep slowly towards wide-eyed, slack-jawed, out and out fear. Usually combining the words 'nuclear weapons' with 'US Government' and 'vulnerabilities in several critical areas' does the trick as far as my pants wetting potential goes. So imagine my dismay, and the state of my pants, when I read that the Government Accountability Office had reported a number of security weaknesses regarding the already in-the-security-doghouse Los Alamos National Laboratory. Los Alamos (operated by the National Nuclear Security Administration) just happens to flag itself, rather ironically if you ask me, as the home of National Security Science. Perhaps that should change to read National Insecurity Science now? Especially when you consider what goes on at Los Alamos. I will allow the Labs to speak for themselves, as stated in the 'about us' section of its website: "Los Alamos National Laboratory is a premier national security research institution, delivering scientific and engineering solutions for the nation's most crucial and complex problems. Our primary responsibility is ensuring the safety, security, and reliability of the nation's nuclear deterrent." The blurb continues: "The Los Alamos of today emphasizes worker safety, effective operational safeguards & security, and environmental stewardship, while outstanding science remains the foundation of the Laboratory." Are your pants damp yet? Give it time, maybe after you learn more about that GAO report and its findings. The report confirms that the Los Alamos National Laboratory "has experienced security lapses protecting information on its unclassified computer network" in the past which contains "sensitive information." GAO assessed the effectiveness of the security measures implemented to protect this information. In order to do this, GAO examined security policies and procedures as well as reviewing the laboratory's access controls for protecting information on the unclassified network. It concluded that "weaknesses remain in protecting the confidentiality, integrity, and availability of information on its unclassified network" and said of the network security system to detect potential intrusions that it had "found vulnerabilities in several critical areas." These included: identifying and authenticating users, encrypting sensitive information, and monitoring and auditing compliance with security policies. What other insecurities did the GAO report uncover, and what are its recommendations to rectify matters? Perhaps most importantly, have my pants dried out at all? Find out on page 2... CONTINUES << First page <   1 2 Next page > Last page - Post your comment >>

 

< Next story in category		Previous story in the category >

Visitors last 30 days Suscribers

904,266 13,751