Computers Missing at Nuclear Lab

By: Absolute Team | 2/26/2009

An email [PDF] obtained by the Project on Government Oversight earlier indicated that the Los Alamos National Laboratory (LANL) had lost 3 computers and a BlackBerry device during a 2-week period this year. After the news went public, further government response indicates that the nuclear weapons laboratory has a total of 67 "missing", lost or stolen data devices.

The National Nuclear Security Administration (NNSA) wrote [PDF] to the LANL about the most recent computer theft expressing concern that the apparent "robustness of cyber security implementation" was not being vigilantly overseen. They say there are issues with individual security controls but also configuration management and accountability issues.

"In treating this initially as only a property management issue, my staff and I, and apparently the cyber security elements of the laboratory, were not engaged in a timely and proactive manner to assess and address potential loss of sensitive information."

The quote above indicates a common misconception - that the loss of data devices is a property issue, not a data security issue. The memo advices LANL to treat all loss of equipment that can carry data - not just computers - as a cyber-security concern.

The letter revealed that 13 LANL computers have been stolen within the last year and that 67 are currently "missing." Very little data was available - or collected - about what data has been compromised as the result of these breaches. Jeffrey Berger, director of communications at LANM, says that no classified data was held on any of the lost devices and thinks the leaked memos "distorted" the situation.

Los Alamos has suffered 3 major public breaches in the past, so none of this experience is 'new' to them. A system like Absolute Software's Computrace could help with the asset tracking that appears to be a major problem for the lab - so they would know, in seconds, where every single computer is.

Via AFP, eweek, CNet, Computerworld, WSJ

Financial Services