YOU ARE HERE: LAT HomeCollections

In Laptop Age, Security Breach Concerns Are Up


WASHINGTON — A 14-hour plane flight ahead of him and a schedule jammed with sensitive meetings on the other end, a senior White House official slipped a disk filled with classified data into his laptop computer to review en route.

A mid-level CIA officer, driving from an audience with a foreign intelligence contact, murmured his impressions of the meeting into a hand-held device that he later downloaded into his computer at agency headquarters.

A State Department official, eager to get home and hug his new baby, left a portable hard drive in his desktop computer instead of locking it in the safe behind his desk.

Each of these situations really occurred, and each was a violation of the federal government's rules for protecting classified data. And all three illustrate a problem of increasing concern in Washington: For U.S. officials operating in the laptop age, the pressure to make every moment count can lead to mistakes that undermine careers and, in some cases, put sensitive information generated by the world's most powerful government at risk.

Take Martin S. Indyk, the U.S. ambassador to Israel. The State Department has suspended his security clearance--and his key role in Middle East peace talks--for suspected security violations. His crime? He allegedly drafted classified memos on an unclassified laptop computer during a flight and took classified documents home to prepare for meetings.

But, although Indyk's public chastisement is highly unusual, his alleged transgressions are not, according to current and former senior and mid-level officials at agencies throughout the U.S. government. With government officials traveling more than ever, competing in a world where it is now possible to write, communicate and analyze 24 hours a day, security procedures are regularly ignored, these authorities said.

"People knowingly violate the rules. They put the information at great risk, especially if they do it repeatedly over a long period of time," said Jerry Rubino, director of security and emergency planning at the Department of Justice.

Rubino said Justice logs dozens of internal security violations a week, most of them minor, such as leaving sensitive documents on a desktop overnight.

Audits conducted last year by the General Accounting Office and agency inspectors general show that 22 of the largest federal agencies have significant computer security weaknesses. Among the common problems cited were poor controls over system access, data access and software development.

"Throughout the government, everyone's computer has the ability to download onto disks," said a senior White House official who deals with classified information every day. "When I write a classified document or memo, I put it on a disk and give it to my secretary to process," said the official, who was willing to discuss the problem only on condition of anonymity. "We use disks. That's how documents are moved around. And that means people can walk away with the disks. That's a fact."

The government's defense against such security threats consists of a hodgepodge of constantly evolving regulations, which vary significantly from agency to agency and quickly become outmoded. Current and former officials insisted that following the rules to the letter would sharply limit the productivity of the people who engage in some of government's most sensitive work.

"Let's be honest. Any foreign ambassador who is working hard and has a lot of foreign contacts--how is he going to do his work if he doesn't have these aids?" asked Myles Frechette, ambassador to Colombia from 1994 to 1997.

"Obviously, in the age of information, getting your information to Washington fast is a real premium," Frechette said. "What is needed are procedures that allow you to do your job, rather than procedures that force you to spend your travel time reading magazines or something. That produces mediocrity."

Ever since there were governments there have been government secrets, and people careless enough--or motivated enough--to divulge them. But when 70,000 pages of classified material can be downloaded on a computer tape the size of a thin paperback novel, the risk of theft rises exponentially.

"All high-level officials know that a laptop is not a secure system and that they are pushing the envelope when they put sensitive material on the laptop. But everyone does it," said Melvin Goodman, professor of international security at the National War College and a former senior analyst in Soviet affairs at the CIA and the State Department. "There's too much intelligence out there and it's too easy to pocket in this high-tech age."

The National Security Agency, the spy service charged with protecting the U.S. government's communications and listening to those of its foreign adversaries, is racing to develop new encryption software to protect data on laptops and other portable computing devices.

Los Angeles Times Articles