[ISN] FBI unsure if missing notebook PCs contain sensitive data

From: InfoSec News (alerts@private)
Date: Tue Feb 27 2007 - 00:22:52 PST


http://www.gcn.com/online/vol1_no1/43200-1.html

By Jana Cranmer
GCN Staff
02/26/07

The FBI has reduced notebook PC losses by 312 percent since 2002, but 
the bureau has failed to adequately report whether stolen computers 
contain classified or sensitive data, the Justice Department Office of 
the Inspector General said in an audit report [1] last week.

When losses occur, the FBI must timely report the loss, be able to 
identify the contents of lost laptops and determine whether the laptop 
is encrypted, the bureaus IG said in a follow-up report to a 2002 
analysis. In addition, the FBI must investigate these losses and thefts, 
enter required data into the National Crime Information Center and 
report the losses to the DOJ as required.

The IGs most troubling discovery was the FBI could not determine in many 
cases whether the lost or stolen laptop computers contained sensitive or 
classified information.

The FBIs data was incomplete, auditors found. Of the 160 notebooks that 
disappeared between February 2002 and September 2006, employees filed 
only 152 forms to provide information about whether the notebooks 
contained sensitive or classified information. This information could 
include counterintelligence or counterterrorism case information, 
personal identifying information or classified information on FBI 
operations, the report said.

The forms revealed that eight missing notebooks contained sensitive 
classified information, but these forms failed to provide a complete 
picture of the losses. The auditor said 43 other forms did not state 
whether the lost notebook contained sensitive or classified information.

Without knowing the contents of these lost and stolen laptop computers, 
it is impossible for the FBI to know the extent of the damage these 
losses might have had on its operations or on national security, the 
audit said.

In addition to the insufficient information reported on these forms, 
employees reported in a less than timely manner that 38 notebooks were 
missing -- more than 10 days after their disappearances -- delaying loss 
investigations.

After discovering the FBIs insufficient tracking of missing notebooks, 
auditors recommended that the FBI:
    
* Maintain adequate records on how many notebooks are authorized to hold 
  classified information.
    
* Document the disposal of excess notebooks and hard drives to ensure 
  sanitation of all sensitive or classified information prior to 
  disposal.
    
* Report weapon and notebook losses to DOJ.

* Ensure that property is recovered from employees before they leave the 
  FBI.
    
* Adhere to its policy on property storage.


The bureau agreed with most of the recommendations and plans to 
implement them.

While the Inspector General acknowledged that the loss of certain 
resources is inevitable in an organization the size of the FBI we 
nevertheless stand committed to increasing the institutional and 
personal accountability to further increase the progress we have made in 
minimizing the loss of information technology components, said FBI 
assistant director John Miller in response to the audit.

[1] http://www.usdoj.gov/oig/reports/FBI/a0718/final.pdf


______________________________________
Subscribe to the InfoSec News RSS Feed
http://www.infosecnews.org/isn.rss



This archive was generated by hypermail 2.1.3 : Tue Feb 27 2007 - 00:40:10 PST