Los Alamos Employees Placed On Leave After Security Gaffe
The trouble stems from missing storage devices, which may or may not have been properly destroyed.
Los Alamos National Laboratory employees and managers have been placed on paid investigative leave as a result of security problems that surfaced at the lab earlier this month, a lab spokesman confirmed Friday.
The trouble stems from missing storage devices, which may or may not have been properly destroyed. Officials said earlier this month that they can't account for a high-capacity disk and nine diskettes used at the lab. Spokesman Kevin Roark said laboratory officials won't say how many employees have been placed on investigatory leave
The gaffe is yet another embarrassing security lapse involving the loss of electronic storage devices.
While some of the disks were marked classified, the "initial laboratory review indicates that national security was not jeopardized by this incident," the lab said in a statement issued Dec. 9. An independent federal analysis of the incident is expected.
During the initial investigation, Los Alamos also contacted the Department of Energy, the National Nuclear Security Administration, and the University of California concerning the storage-media inventory discrepancies.
According to the statement, one diskette, which was marked classified--but which may not have contained classified information--was reported missing on Nov. 20; the diskette may have been destroyed, though there's no record of its destruction. A second diskette was reported missing Dec. 2, and an investigation into the incident reveals that it "was most likely destroyed" in January 2002 during the destruction of four other diskettes. But there's no existing receipt for the destruction of the diskette, according to the statement.
These incidents led to a wider investigation into the physical inventory of every classified data-storage device. That investigation revealed eight more inventory discrepancies. The lab contends that the disks were most likely destroyed, but their destruction wasn't properly documented.
"While the destruction of the materials was not properly recorded and documentation maintained, resulting in inventory anomalies, to date these investigative efforts support the likelihood that the missing media were destroyed," the Dec. 9 statement said.
The inventory problems have led to a "limited security stand-down" at the lab while a search for the missing media continues and corrective policies can be put in place.
"This situation is totally unacceptable," lab director G. Peter Nanos said in the statement. "Security is one of our most important jobs; obviously we now must look deeper into the control of all sensitive information and solve these problems."
This latest security problem is yet another credibility blow to the Los Alamos Laboratory, which develops ways to use science and technology to improve the safety and reliability of U.S. nuclear armaments, as well as performing critical research involving national defense, energy delivery, environment, critical infrastructure, and minimizing the threat posed by weapons of mass destruction and terrorism.
An earlier incident involved a hard drive that disappeared only to be found later sitting behind a photocopier.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.