Coast Guard tightens security in wake of systems breach
- By Frank Tiboni
- Oct 26, 1998
After a former employee hacked into a personnel database earlier this year, Coast Guard
brass decided they needed to batten down the hatches on computer security.
Basically, all employees are getting a security refresher course, said Chief Warrant
Officer Jerry Heinl, chief of systems security at Coast Guard headquarters.
We believe we have safeguards in place for computer security in the
commandants instructions, Heinl said. Personnel need to follow
Coast Guard employees now must watch a 15-minute video that outlines the agencys
computer security policy. They also are instructed not to share passwords.
When Coast Guard workers transfer to a new station, the exit drill requires that they
log out their accounts and passwords and return hardware and software to the help desk.
The Coast Guard is also tightening help desk security practices to ensure that the user
safeguards are followed, Heinl said.
A March systems breach by a former systems employee led to the security beef-up.
The Coast Guard does have a heightened awareness of computer security after this
incident, he said.
Shakuntla Devi Singla, 43, of Fairfax Station, Va., in March pleaded guilty in U.S.
District Court for the District of Columbia to accessing a federal computer without
authorization and intentionally causing damage, said a spokesman for the U.S. District
Attorneys Office in Washington.
Singla was the first woman ever convicted of computer hacking in the United States and
was sentenced to five months in jail followed by five months of house arrest.
She must also pay a $35,000 fine, the spokesman said.
Singla, a former civilian systems administrator at the Coast Guard, used another
employees password and identification to gain dial-up access to the computer from
her home after she was no longer working for the agency, Heinl said.
Singla deleted information in the personnel database about pay, promotions, awards and
employee transfers, Heinl said.
The Coast Guard does not know if she obtained the password during her employment at the
Transportation Department agency or after she left, he said.
The personnel data was stored in an Oracle Corp. database that Singla helped build
while with the Coast Guard, Heinl said.
The Coast Guard assigned 115 employees, including network administrators, to restore
the data. Recovery of the data took more than 1,800 hours and cost nearly $40,000, said
Cmdr. Mike Lapinski, a Coast Guard spokesman.