Energy labs tighten up
Energy labs tighten up
Lee indictment is backdrop for computer security overhaul
Energy Secretary Bill Richardson says security is a balancing act.
By Patricia Daukantas
Energy Department weapons researchers are wondering how to be productive and still comply with national security requirements in the wake of last month's indictment of former Los Alamos National Laboratory scientist Wen Ho Lee.
More stringent security measures have been needed for years, one Los Alamos retiree said. Chris Mechels, vice president of Citizens for Los Alamos National Laboratory Employee Rights, said classified and unclassified systems at the lab were not physically separated from about 1980 to 1995, a claim disputed by a Los Alamos spokesman.
Mechels said he worked as a technical staff member from 1980 to 1983, as well as from 1986 until his retirement in 1994. He also spent time at the weapons lab as an employee of supercomputer maker Cray Research Inc. between 1976 and 1980. He worked for Cray elsewhere from 1983 to 1986.
'I always thought they didn't give a damn about computer security,' Mechels said of the Los Alamos administration. During the 1980s and the first half of the 1990s, he said, Los Alamos kept classified and unclassified information in different partitions of the lab network's common file system.'In 1995, Los Alamos officials physically separated the classified and unclassified systems, Mechels said. The federal 59-count indictment against Lee charges that, between 1993 and 1994, he transferred files containing secret data from the secure to the open partition.
Los Alamos spokesman Jim Danneskiold said the classified and unclassified networks have always been physically separate.
Between August 1998 and March 1999, Los Alamos put most of its unclassified servers behind a firewall so they are inaccessible to outsiders, Danneskiold said. Even lab employees need a one-time password or smart card to access files.
The servers remaining outside the firewall hold the lab's public data, such as its Web pages and employee newsletter, he said.
The classified network requires special access privileges and a security clearance, Danneskiold said. 'I don't have numbers for how many people have access, but certainly it's a much smaller number than the set of people who have clearances,' he said.
'I don't sense that people are going to disregard the rules,' said Allen Hartford, director of science and technology programs at Los Alamos. 'I think everybody around here takes security pretty seriously.'
Since November, Los Alamos has had a moratorium on hiring foreign nationals, Hartford said. The moratorium had little effect on the quarterly hiring of postdoctoral fellows. Only three of the 56 December applicants were foreign nationals, although some physical science departments draw half of their graduate students from outside of the United States. Lee is a U.S. citizen.
Energy Secretary Bill Richardson is willing to consider waivers to the moratorium, Hartford said.Getting testy
Workers recently protested a requirement that thousands of weapons lab employees submit to a polygraph test. A Web petition at www.spse.org, sponsored by the Society of Professional Scientists and Engineers, an employee rights group at Lawrence Livermore National Laboratory, drew 466 electronic signatures of weapons lab workers.
CIO John Gilligan says new security measures reflect an overall effort.
Last month, Richardson revised the polygraph policy, saying that the lab's counterintelligence concerns can be addressed with fewer polygraph tests.
He acknowledged that security is a balancing act. 'We took seriously the comments we received from scientists and other employees, and developed a plan that reflects their concerns,' Richardson said, who visited the Livermore lab late last month. 'As we continue to strengthen our counterintelligence program, we need to focus security efforts on protecting information that needs protection without impeding scientific research in the process.'
Energy chief information officer John Gilligan said the labs have made significant improvements over the past 10 months, including the installation of strong firewalls, stringent new configuration management and the enforcement of passwords. The department will release a report this month detailing the improvements.
Gilligan said the Lee case is not driving the department's security efforts. 'Our cybersecurity program is really addressing a broader set of issues and is not tied to a particular prosecution or particular incident,' he said.
Workers are discouraged, said Douglass E. Post, an associate division leader and group leader of about 100 weapons scientists.
The low morale, Livermore's proximity to Silicon Valley employers, delays in issuing clearances and classified computer accounts, and recent security stand-downs are affecting recruitment and retention, Post said.
Because of funding cutbacks for clearances, some recruits have had to wait for months to start classified work, Post said. He recently lost five workers, including one who waited 13 months for a clearance before jumping to Netscape Communications Corp.
Increased turnover at Livermore will result in more people with knowledge of classified data going into the private sector, Post said.
'If you had decided to cripple the security of the United States, you would be hard-pressed to do a better job,' he said.
But David M. Cooper, associate director of Livermore's Computation Directorate, said the complaints he has heard focus on the perceived lack of trust, rather than the scientists' ability to get their jobs done.
'People who come to work here understand the restrictions, or they don't come to work here,' Cooper said.