In wake of GAO criticism, Customs adds access controls to its database

The Customs Service is reprogramming its database of suspicious individuals and
vehicles so it will automatically notify systems managers when someone tries to delete or
change a record.

Customs officials decided to implement the notification system after the General
Accounting Office reported last month that files on suspects were being deleted by
unauthorized personnel or without adequate oversight, said James E. Johnson, assistant
secretary of Treasury for enforcement.

Customs inspectors use the Treasury Enforcement Communications System to spot suspects
and red-flag vehicles as they try to cross the U.S. border. Inspectors at border crossings
key in automobile tag numbers and driver’s license information, which alerts officers
if a car or its occupants have been involved in illegal activity.

TECS consists of thousands of computer terminals at border crossings along the Canadian
and Mexican borders, at Customs field offices and at sea and air entry ports.

Use of the system recently led to the arrest of several suspects and the seizure of 112
pounds of cocaine at the Mexican border, the GAO report said.

Johnson verified that unauthorized deletions of suspect information had occurred in
Customs systems, but he did not give specifics in his response to the GAO report, Customs
Service: Internal Control Weaknesses Over Deletion of Certain Law Enforcement Records.

Once the changes are made to TECS, automatic notices that a change has occurred will be
sent to appropriate Customs systems managers, Johnson said.

If someone tries to alter the database, the system will send an electronic report of
the employee’s intention to the agent who created the record, the creating
agent’s supervisor, as well as the supervisor of the agent wanting to change or
delete the record. The service expects to implement the automated notification next month,
Johnson said.

Customs will also add a text field to the program where the person making the change or
deletion justifies the change. That information will be stored electronically for future
reference, Johnson said.

Systems control officers currently limit access to TECS by assigning users a specified
amount of authority in making changes, but GAO said that approach has not worked well.

The sites reviewed had many individuals who were able to delete TECS records without
any checks and balances, the GAO report said.  


  • Russia prying into state, local networks

    A Russian state-sponsored advanced persistent threat actor targeting state, local, territorial and tribal government networks exfiltrated data from at least two victims.

  • Marines on patrol (US Marines)

    Using AVs to tell friend from foe

    The Defense Advanced Research Projects Agency is looking for ways autonomous vehicles can make it easier for commanders to detect and track threats among civilians in complex urban environments without escalating tensions.

Stay Connected