FBI shakes up security in wake of IG report on spy

As the Justice Department's inspector general this morning issued a critical report on the FBI's handling of bureau agent and Russian spy Robert P. Hanssen, agency director Robert S. Mueller III ordered security reforms that include sweeping IT policy changes.

Glenn A. Fine issued the report on Hanssen's damaging espionage, which spanned November 1979 to February 2001. The members of the IG investigative team generated 21 reform recommendations for the FBI, such as:

  • Create a Penetration Unit at FBI headquarters within the Counterespionage Section to detect double agents

  • Create a central repository for critical information about FBI employees who have access to sensitive information

  • Implement an annual financial disclosure program for employees who have access to sensitive information

  • Adopt proven security, including audit programs, to detect misuse of FBI systems and programs and protect restricted information, and enforce need-to-know rules

  • Create a method to account for and track documents and electronic media containing sensitive information

  • Create a security compliance program.


  • The bureau issued a point-by-point response to the IG's report, generally stating methods by which it has or will adopt its recommendations. For example, the FBI is implementing a new computerized financial disclosure program.

    The bureau also plans to launch an Enterprise Security Operations Center to protect FBI systems from external attacks and insider misuse through techniques such as real-time network monitoring, intrusion detection and data auditing.

    In addition, the bureau said it has nearly completed certifying and accrediting all headquarters IT systems and created a new wireless security team to devise methods of protecting data on notebook PCs and wireless devices.

    The bureau's Trilogy network also will help upgrade security, the bureau said. (Click for Jan. 31 GCN coverage)

    The FBI also has created a force of full-time, career security officers that will be led by a new chief security officer.

    During his espionage career, Hanssen frequently used the bureau's antiquated Automated Case File system not only to find and steal secret information, but to track the activities of the bureau's counterespionage efforts against him.

    'Hanssen compromised some of this nation's most important counterespionage and military secrets, including the identities of dozens of human sources, at least three of whom were executed,' auditors wrote in the IG report.

    inside gcn

    • cloud environment

      Microsoft brings Azure Stack to Government Cloud

    Reader Comments

    Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

    Please type the letters/numbers you see above

    More from 1105 Public Sector Media Group