Los Alamos confirms data breach

LAT ^ | Oct. 26, 2006 | Ralph Vartabedian

[FairOpinion]

Los Alamos National Laboratory, one of the nation's key nuclear weapons research centers, confirmed Wednesday that it experienced a potentially major security breach — discovered last week when police found three laboratory computer drives during a drug arrest at a New Mexico trailer park.

Police reports released Wednesday identified the owner of the trailer, where officers found a sizable amount of drug paraphernalia associated with methamphetamine use, as Jessica Quintana. Law enforcement officials said Quintana was a former contract employee at the lab.

The FBI executed a second search of the trailer in Los Alamos on Friday but sealed the warrant and said little about what agents found.

Quintana was employed as an archivist and apparently had a key security clearance, including approvals to participate in special access programs, according to sources familiar with the investigation who spoke on condition of anonymity because they were not authorized to discuss the case.

[FairOpinion]

How could she possibly have gotten a security clearance is beyond me.

[acapesket]

Couldn't have Anything to to with the U/C oversight!

Naw.. Never

[DoughtyOne]

How many times have see seen that headline on F.R. It seems like about every six months there's a new scandle. Just a question... do they even have a security department over there?

[GSlob]

How could the whole Los Alamos security be organized as it is, is beyond me. The only logical way to run it is as an extra-luxury jail, with noone, and no information, allowed outside, except controlled information release to a very few persons of the Vice-President caliber. "Security ends where trust begins".

[Paladin2]

Sandy Burglar is in charge.

[Army Air Corps]

"do they even have a security department over there?"

I think that these guys run security:

[fight_truth_decay]

"Reports also indicate that Quintana was employed as a data entry clerk at Information Assets Management, a LANL subcontractor, before being laid off."

http://www.lamonitor.com/articles/2006/10/25/headline_news/news01.txt

This was posted on http://pogoblog.typepad.com/

The MySpace ID now shows: "This user has either cancelled their membership, or their account has been deleted." since the post and this story October 27, 2006.

[Vn_survivor_67-68]

Los Alamos, UC, Santa Cruz to form partnership for scientific data management

http://www.lanl.gov/news/index.php/fuseaction/home.story/story_id/7449

Last year Bechtel, the University of California, BWX Technologies, and Washington Group International came together as Los Alamos National Security, LLC., a company that offers the lab the best scientific and management expertise and resources in the country.

http://lansllc.com/

[DoughtyOne]

Sounds as if, huh.

[DoughtyOne]

LOL

We sure like to pull those guys out of our files often enough. And it's so fitting.

[fight_truth_decay]

NNSA NEWS
National Nuclear Security Administration
U.S. Department of Energy
For Immediate Release
October 25, 2006
Contact: NNSA Public Affairs, (202) 586-7371


Statement from Administrator Brooks on Los Alamos

WASHINGTON, D.C. - NNSA Administrator Linton F. Brooks issued the following statement today on security at Los Alamos National Laboratory:

"Security is the primary concern at NNSA. NNSA and the Department of Energy have made extraordinary efforts in the last three years to put strong security procedures in place at Los Alamos and other national laboratories to ensure that sensitive information is not compromised. Our job now is to assess what happened at Los Alamos, to determine whether procedures have been diligently observed, and to decide whether additional steps need to be taken. I have directed NNSA's chief of defense nuclear security to personally investigate the facts at Los Alamos and I have sent a headquarters cyber security team to ensure that there is full compliance with current departmental directives. As Secretary Bodman noted earlier today, we expect the new contractor at Los Alamos to resolve quickly any continuing security concerns."


Police docs pdf on:
http://pogoblog.typepad.com/pogo/2006/10/crem_de_meth.html

[Army Air Corps]

The sad thing is that I think the elementary school hall monitors would supply tougher security; at least, they as for a hall pass!

[Army Air Corps]

UC is too PC to worry about security.

Real security might split people into classes (different security levels) and that might make some people feel bad that others have higher clearance than they have. Also, only a small percentage would receive the highest level ("winners in life's lottery!").

[DoughtyOne]

You sure have to wonder what's up over there.

[Calvin Locke]

What's her name, Hazel O'Leary? IIRC, the FOB/FOH that had the security contract wanted to increase his margins,
so Hazel did him a big favor and reduced the requirements for security, meaning he could cut back expenses.

[conservativeharleyguy]

:...Just a question... do they even have a security department over there"?

Of course they do, and they are all very professional.

The problem is not with the "Security Department", it's with the staff-members and the "College Campus" environment they fought for years to maintain.

You can have the most stringent security measures possible (having worked security at LANL for over 15 years, I can tell you that they do), and if the operational personnel choose to ignore or circumvent the rules, and their managers don't hold them accountable for doing so, you will have incidents like this in any organization.

It's not a "Security problem", it's a human factors problem.

If indeed there really was a compromise of classified matter, and it really is on a "thumb-drive, whoever did it has to have violated numerous policies, procedures, and circumvented at least one physical barrier just to have plugged it in, in addition to introducing an unauthorized removable media device onto a classified computer.

That's not "Security's" fault. It's that person's fault (and maybe their Manager's), and that person should be held accountable.

Do you have a better idea, or are you just talking???

[fat city]

"What's her name, Hazel O'Leary? "

Hehehe- yeah, looks like Johnny Chung not only got a lot of bang for his buck, but meth to boot.

[DoughtyOne]

I have plenty of ideas. Here's one. You register devices to the persons authorized to use them. Those devices are then their responsibility. You put users on notice as to what the protocal will be. You moniter all devices.

A person should be tasked to make spot checks on those devices periodically (no less than once per week, yeah it will take manpower to do it. I don't care). When they do check, the device better damned well be secure or the person responsible for it would be carted off for a short discussion, followed by possible incarceration.

What the hell kind of an operation are they running over there, that these devices could be missing and nobody know about it?

As for your comments about the supervisors, if they obstructed any implemntation of this policy they should be subject to incarceration for not taking the security of these devices seriously.

This is a national security matter, and your excuses don't instill confidence. Instead it seems to reveal at least part of the problem.

I wouldn't work for an agency that was powerless to do the job the way it should be done.

[familyop]

My kids won't do contracts for that Lab or any like it. ...the lengths we go to for feminizing, weirdo-izing and PC-ifying defense-related offices (not only government labs but also contracting corporations)! ...stupid! If the places weren't such playhouses of ill repute, the problem wouldn't be happening so often.

[oldenuff2no]

Security of such places used to be in the hands of the military. When the pentagon would not sign off on Clinton releasing classified information from research labs to China, Good Old Zipper Bry Bill had security responsibility turned over to the Department of Energy so he could give our secrets away.
Bill's system is still biting us in the butt.