Alongside success in many areas, government IT deployments suffered security snafus, fraud fiascoes, budget breakdowns, and more over the past year.
Federal Data Center Consolidation Makes Progress
(click image for larger view and for slideshow)
It's been a pretty good year for government IT. Agencies have consolidated data centers, adopted cloud services, improved security, and advanced their open government initiatives.
But not everything has worked. Some government IT projects have been beset with problems, while others turned into abject failures. Following is our list of the most notorious government IT missteps of the past year.
1. Security Blunder Exposes Documents
As if the leak of sensitive diplomatic cables to WikiLeaks wasn't embarrassing enough to the U.S. government, the full trove of more than a quarter million unredacted cables wound up on peer-to-peer site BitTorrent. The confidential documents included the names of diplomatic sources in human-rights violating countries, putting those sources at risk. WikiLeaks blamed the media for the leak after a journalist published a password in a book about the cables, but others explained the leak as fallout from a spat between WikiLeaks chief Julian Assange and a former employee.
2. Homeland Security Scraps Virtual Fence
In January, the Department of Homeland Security scrapped SBInet, an over-budget, underperforming "virtual fence" intended to secure the U.S.-Mexico border. The project cost taxpayers $1 billion for 53 miles of virtual fence in Arizona. Auditors repeatedly knocked the performance of DHS and lead contractor Boeing. SBInet is being replaced with the scaled-back Integrated Towers Program, which will cover limited geography using off-the-shelf technology.
3. Oak Ridge Lab Gets Hacked
Oak Ridge National Laboratory, which conducts sensitive nuclear and national security research, was hit by a zero-day cyber attack in April. While the lab's director said only a few megabytes of data were exposed, the lab had to shut down Internet access while it rooted out and cleaned up the problem. The hackers appear to have manipulated lab employees by putting malware-infected links into an email purportedly sent by the lab's HR department. Oak Ridge fell victim to a similar attack in 2007.
4. City Payroll System Duped
New York City lost tens of millions of dollars to fraud in an upgrade to its CityTime payroll system. The city spent $700 million over 10 years on the project, 10 times original estimates. Charges in the case included wire fraud, bribery, and obstruction of justice. A couple indicted in the scam fled to India, and City Hall admitted that it mismanaged the project.
5. Hacktivists Pester Authorities
Anonymous, AntiSec, and LulzSec were responsible for a series of attacks on government websites, some involving personal records. LulzSec claimed credit for taking down a CIA website and for hacking Arizona police computers. AntiSec hacked an FBI contractor, government contractor Booz Allen, and law enforcement agencies. And Anonymous leaked law enforcement forensic secrets and hacked the website of San Francisco's rail system.
6. Open Data Doesn't Add Up
The Obama administration has heralded them as flagship open government initiatives, but the federal IT Dashboard and USASpending.gov leave a lot to be desired in terms of content. Watchdogs and government auditors have criticized the sites for providing inaccurate and incomplete information. For example, the Sunlight Foundation found that nearly $1.3 trillion in spending was inaccurately reported on USASpending.gov. And the Government Accountability Office determined that numerous IT projects on the IT Dashboard reflected bad cost and schedule data.
7. USAjobs Site Buckles Under Traffic
The Office of Personnel Management and the Chief Human Capital Officers Council spent 18 months revamping Uncle Sam's job search website, USAjobs.gov. OPM decided to bring the site in-house from Monster.com, where it had been hosted, and re-launched it with a hail of publicity, but the site failed amid a surge in traffic. Not only was it inaccessible at times, but some features didn't work, including search and the ability to apply once for multiple jobs. Job seekers complained that their online resumes went missing. OPM thought it fixed the problem, but the site crashed again.
8. Emergency Alert Test Fails
The first nationwide test of the emergency alert notification system in November was supposed to transmit a short message into millions of homes, but what citizens saw and heard was a mix of regular programming, dead air, 15-minute alerts, and even Lady Gaga. In short, the test was a failure, and Congress was soon asking questions. The problems were attributed to FEMA and its media partners.
9. Air Force Drones Hacked
Two years after insurgents hacked into the video feeds of U.S. drones in Iraq, drone hacking happened again. Iranian officials claimed they downed a UAV and forced it to land in Iran. Separately, a virus was discovered that recorded drone pilots' keystrokes. While there have been no reports of classified data being stolen, the pesky malware showed up repeatedly, even after being wiped from Air Force systems.
10. Interior's Cloud Computing Mea Culpa
The Department of Interior planned to award Microsoft a contract to provide email as a service to its employees, only to find itself caught up in a legal tangle. Google filed suit, claiming it had been excluded from the bidding process. Interior reconsidered the pending award, saying it needed to reevaluate the market. A federal judge dismissed the case, and the agency is now back at square one. The drama dispelled any notion that software-as-a-service and other cloud computing deals would be fast and easy.
How 10 federal agencies are tapping the power of cloud computing--without compromising security. Also in the new, all-digital InformationWeek Government supplement: To judge the success of the OMB's IT reform efforts, we need concrete numbers on cost savings and returns. Download our Cloud In Action issue of InformationWeek Government now. (Free registration required.)
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.