Committee on Homeland Security Chairman Bennie G. Thompson, D-Miss., and Subcommittee on Emerging Threats, Cybersecurity, and Science and Technology Chairman James R. Langevin, D-R.I., sent a letter last Friday to Richard L. Skinner, inspector general of the Department of Homeland Security. In the letter they say the House Committee on Homeland Security's investigations led them to believe the department is under attack by foreign powers, and could be at risk because of "incompetent and possibly illegal activity" by a U.S. contractor.
The congressmen didn't name the contractor in the letter. However, the Washington Post on Monday reported that the FBI is investigating Unisys, a major information technology firm with a $1.7 billion Department of Homeland Security contract, for allegedly failing to detect cyber break-ins traced to a Chinese-language Web site and then trying to cover up its deficiencies. The Post also reported that in 2002, Unisys won a $1 billion deal to build, secure, and manage the information technology networks for the Transportation Security Administration and DHS headquarters. In 2005, the company was awarded a $750 million follow-on contract.
"The infiltration of federal government networks by unauthorized users is one of the most critical issues confronting our nation, but it's hardly a new threat," wrote Thompson and Langevin in their letter. "For years, these attacks have resulted in the loss of massive amounts of critical information... Cyberespionage is an issue of national security, and we must improve our defensive posture to prevent the theft of data or the compromise of the integrity of our data."
This past April, an official with the Department of Commerce testified before a Congressional hearing that hackers operating through Chinese servers used a rootkit to penetrate computers at the Commerce Department. The department's IT staffers reportedly never discovered when the break-in occurred or the amount of information that was stolen.
And in another congressional hearing this summer, Langevin himself testified that Homeland Security, the government agency tasked with being the leader of the nation's cybersecurity, suffered 844 "cybersecurity incidents" within two years. He also said the Chinese have been "coordinating attacks against the Department of Defense for years."
The letter also noted that earlier this month, the committee on Homeland Security received information that a hacking tool, a password dumping utility, and malicious code was found on more than 12 computers in the department's headquarters. Langevin and Thompson added that the machines may still be compromised due to the contractor's "insufficient mitigation efforts."
The letter also said the hackers moved information out of the compromised computers and to a Web hosting service that connects to Chinese Web sites.
Langevin and Thompson went on to allege that the Department of Homeland Security contracted for network intrusion-detection systems to be put in place, but they were not fully deployed when the latest incident occurred.
"If network security engineers were running these systems, the initial intrusions may have been detected and prevented," the letter said. "Contractors provided inaccurate and misleading information to Department of Homeland Security officials about the source of these attacks and attempted to hide security gaps in their capabilities."
The congressmen also are calling for a review of the government officials charged with overseeing the contractor.