FBI shakes up security in wake of IG report on spy

As the Justice Department's inspector general this morning issued a critical report on the FBI's handling of bureau agent and Russian spy Robert P. Hanssen, agency director Robert S. Mueller III ordered security reforms that include sweeping IT policy changes.

Glenn A. Fine issued the report on Hanssen's damaging espionage, which spanned November 1979 to February 2001. The members of the IG investigative team generated 21 reform recommendations for the FBI, such as:

  • Create a Penetration Unit at FBI headquarters within the Counterespionage Section to detect double agents

  • Create a central repository for critical information about FBI employees who have access to sensitive information

  • Implement an annual financial disclosure program for employees who have access to sensitive information

  • Adopt proven security, including audit programs, to detect misuse of FBI systems and programs and protect restricted information, and enforce need-to-know rules

  • Create a method to account for and track documents and electronic media containing sensitive information

  • Create a security compliance program.

  • The bureau issued a point-by-point response to the IG's report, generally stating methods by which it has or will adopt its recommendations. For example, the FBI is implementing a new computerized financial disclosure program.

    The bureau also plans to launch an Enterprise Security Operations Center to protect FBI systems from external attacks and insider misuse through techniques such as real-time network monitoring, intrusion detection and data auditing.

    In addition, the bureau said it has nearly completed certifying and accrediting all headquarters IT systems and created a new wireless security team to devise methods of protecting data on notebook PCs and wireless devices.

    The bureau's Trilogy network also will help upgrade security, the bureau said. (Click for Jan. 31 GCN coverage)

    The FBI also has created a force of full-time, career security officers that will be led by a new chief security officer.

    During his espionage career, Hanssen frequently used the bureau's antiquated Automated Case File system not only to find and steal secret information, but to track the activities of the bureau's counterespionage efforts against him.

    'Hanssen compromised some of this nation's most important counterespionage and military secrets, including the identities of dozens of human sources, at least three of whom were executed,' auditors wrote in the IG report.


    • business meeting (Monkey Business Images/Shutterstock.com)

      Civic tech volunteers help states with legacy systems

      As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

    • data analytics (Shutterstock.com)

      More visible data helps drive DOD decision-making

      CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

    Stay Connected