California defense contractor warns employees following computer theft

Security Focus and Associated Press ^ | February 3, 2005

[bd476]

"No government or commercial work was performed at the building where the break-in occurred. SAIC, which has annual revenue of about $7 billion, is involved in some of the U.S. government's most sensitive work, from redesigning Army combat systems to bioweapons defense and improving electronic snooping for the National Security Agency."

Oh, I'm going to sleep better tonight after reading that paragraph...

[Gunrunner2]

And knowing quite a few SAIC guys, I haven't sleep well for a long time. . .

;-)

[1FASTGLOCK45]

I wonder if this is the same city where they said the cops weren't going to answer alarms anymore because of false alarms?

[X_CDN_EH]

Why are companies keeping sensitive data on PC's? (I figure they are PC's because thieves stole several computers...

[bd476]

SAIC is in the defense industry with main headquarters in San Diego. It's well known to applicants for the stringent security, employee background checks and security clearances because of its international reputation for "research."

The company is very active right now, and it's hard to believe that the burglars accidentally broke into an office holding just employee information.

What in the world prevented SAIC from having better security?

NSA info alone could have been motivation for the break-in.

[bd476]

1FASTGLOCK45 said: "I wonder if this is the same city where they said the cops weren't going to answer alarms anymore because of false alarms?"

I believe that is Los Angeles.

If SAIC's security alarm went off, it would have been a very unhappy San Diego Police dispatcher who didn't push some red buttons.

[1FASTGLOCK45]

Sounds like security needs to be redone at that building, bet that alarm guard no longer has a job. To be able to smash 3 windows and break into 13 offices, makes quite a alot of noise...

[bd476]

Argh, Gunrunner2. :)

[ProudVet77]

>>"Why are companies keeping sensitive data on PC's?"
That's a real good question. Whoever set up the system doesn't appreciate security. There are a few very simple fundamental things that can be done to stop most of this kind of theft.

[bd476]

1FASTGLOCK45 said: "Sounds like security needs to be redone at that building, bet that alarm guard no longer has a job. To be able to smash 3 windows and break into 13 offices, makes quite a alot of noise..."

It should not have happened in the first place. That place was like Fort Knox in daylight hours at least in past years.

There is not just one security guard, it would be a system of security to get through first. Breaking windows and getting into SAIC would be about as easy as doing the same in any defense industry building in D.C.

[Flyer]

My web hosting company has better security.

Web-hosting company Advanced Internet Technologies (AIT) is big on security. Not necessarily the firewall, virtual private network, virus detection type of thing. More like the barbed wire, munitions closet, and paratrooper type of security. The Fayetteville, N.C.-based company has razor wire fences, painted black windows in some areas, and even a munitions closet with 12-gauge shotguns and 9-millimeter Beretta pistols. Its data centers are protected by 8-inch reinforced concrete and 24-hour guards.

Source

[bd476]

Flyer, I thought you were kidding until I read the article. Thanks for the link.

At least, some time ago, SAIC would have been a role model for that company.

It's a puzzle how the people got in. It's beyond comprehension that they got out with company computers.

[bd476]

It turns out that SAIC won a bid to design software for tracking terrorists and managing case files for the FBI. The FBI paid $100 million dollars for the software.

SAIC turned the software over to the FBI some time ago and the FBI found many glitches.

Back and forth negotiations have led to another company advising the FBI to bail out on using the SAIC designed software. $100 million dollars down the tube and now the discovery that SAIC has major security problems.

SAIC says FBI should deploy its software

[OldFriend]

Just doesn't pass the smell test.

[OXENinFLA]

And they don't have ALARMS?!?!?!?!?!?

[bd476]

They had security which could make the most uptight super spy uncomfortable. Not sure what happened but it's the stuff spy movies are made of.

Just seems weird that SAIC alleges burglars only stole computers which contained employee information.

If someone was smart enough to outwit SAIC's security system, they would know who SAIC works for (defense industry) and would also understand the value of anything they could get their grubby hands on.

Smash and grab burglaries don't work in the defense industry or at least they shouldn't.

[Gunrunner2]

You make excellent sense.

[bd476]

Thanks for the kind words. :)

[CJinVA]

I’m an ex-employee. I was told that one of the computers had Electronic Fund Transfer data on it. Having this kind of info on a desktop computer is stupid.

I don’t think they have disclosed all of the details of this.

[bd476]

Thanks, Vigl. I agree. Something seems odd - the timing is bizarre. Either SAIC is very unlucky or something's rotten in San Diego.