Coast Guard tightens security in wake of systems breach

After a former employee hacked into a personnel database earlier this year, Coast Guard
brass decided they needed to batten down the hatches on computer security.


Basically, all employees are getting a security refresher course, said Chief Warrant
Officer Jerry Heinl, chief of systems security at Coast Guard headquarters.


“We believe we have safeguards in place for computer security in the
commandant’s instructions,” Heinl said. “Personnel need to follow
them.”


Coast Guard employees now must watch a 15-minute video that outlines the agency’s
computer security policy. They also are instructed not to share passwords.


When Coast Guard workers transfer to a new station, the exit drill requires that they
log out their accounts and passwords and return hardware and software to the help desk.


The Coast Guard is also tightening help desk security practices to ensure that the user
safeguards are followed, Heinl said.


A March systems breach by a former systems employee led to the security beef-up.
“The Coast Guard does have a heightened awareness of computer security after this
incident,” he said.


Shakuntla Devi Singla, 43, of Fairfax Station, Va., in March pleaded guilty in U.S.
District Court for the District of Columbia to accessing a federal computer without
authorization and intentionally causing damage, said a spokesman for the U.S. District
Attorney’s Office in Washington.


Singla was the first woman ever convicted of computer hacking in the United States and
was sentenced to five months in jail followed by five months of house arrest.


She must also pay a $35,000 fine, the spokesman said.


Singla, a former civilian systems administrator at the Coast Guard, used another
employee’s password and identification to gain dial-up access to the computer from
her home after she was no longer working for the agency, Heinl said.


Singla deleted information in the personnel database about pay, promotions, awards and
employee transfers, Heinl said.


The Coast Guard does not know if she obtained the password during her employment at the
Transportation Department agency or after she left, he said.


The personnel data was stored in an Oracle Corp. database that Singla helped build
while with the Coast Guard, Heinl said.


The Coast Guard assigned 115 employees, including network administrators, to restore
the data. Recovery of the data took more than 1,800 hours and cost nearly $40,000, said
Cmdr. Mike Lapinski, a Coast Guard spokesman.    

inside gcn

  • Congressman sees broader role for DHS in state and local cyber efforts

    Automating the ATO

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above