GAO: FBI Network Not Very Secure

from the shocking dept

The Government Accountability Office continues to break through the political clutter with its reports on what’s really going on. The latest in a long series of reports notes that the FBI’s new Trilogy data network “place sensitive information transmitted on the network at increased risk of unauthorized disclosure or modification, and could result in a disruption of service.” Should this really comes as a surprise? After all, this is the same FBI that wasted hundreds of millions of dollars on a computer system that was late, overbudget and useless at tracking terrorists — which was eventually scrapped entirely before researchers who examined its security could kick off a crime spree to celebrate how useless the system was. After completely ditching the old useless system, the government set aside another $500 million for this new system — but apparently forgot to do anything to make sure that the system was actually useful. While it’s nice that the GAO is actually pointing out how bad the new system is, wouldn’t it be nice if there were some actual accountability from the folks who both commissioned and built the systems?

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “GAO: FBI Network Not Very Secure”

Subscribe: RSS Leave a comment
Normal Guy says:


I read through GAO-07-368 at (take a look). I myself found it to be a fairly weak document on the status of the FBI’s internal network security. I see that many statements start with “FBI did not always”, what does that mean? In a perfect world without humans, could there be an “Always”. I don’t find any of their action items to be conclusive or solid, most are generic and convoluted. The only “action item” that could be provable is “in some instances, personnel did not follow physical security policies and procedures” (p.11). That only proves my previous point, humans, yep, always getting in the way! I personally disagree with many of the other areas of the document because they are incorrect, I know this to be true. I would take a look at the document closely and objectively before attacking the FBI’s information technology in regard to this document. The prior mistakes specifically in the area of failed programs are common to any organization trying to increase quality and scalability of their IT systems, they are usually written off as growing pains and life lessons especially when it comes to handling internal IT security. For the Federal agencies these issues are seemingly worse because of the public exposure in the attempt for accountability to the tax payer. When I would rather waste my tax dollars on making sure a system will actually be the best way to prevent me from waking up to reports of deadly attacks from enemies. Really when compared to the approximant cost of a senator to change offices within the same building, which could be up too, 500,000 dollars, makes the cost of ensuring an IT system for the FBI will be effective when implemented is minor.
For those concerned over the cost and issues with the FBI, remember that banks, online stores and corporations we trust in daily with our information have had the same issues. If one thinks for a minute and then uses the search engine of choice it will be seen that there are no reports of the Bureau losing data or being compromised electronically post Trilogy. If that is the case why such harsh criticism, just because a proactive accountability report said there could be an issue, which could a exaggerated example of a machines Anti-Virus being two days out of date or an individual forgot to sign in, when entering a secure room?
I know it is hard with all the media, rumors and anti-Government propaganda to be objective when looking at Federal agencies, but they do a job that needs to be done and they have increased in effectiveness greatly in recent years. The only way to prove that would with an It’s A Wonderful Life scenario, make it so they never existed and see what happens…I don’t think I would take that chance personally.

*Off topic: I plea to all my fellow blog readers. Please be informed, objective and critical readers. I so often read comments that show that many do not read thoroughly or with understanding, also many do not verify the topics covered in the article. That is our responsibility if we truly want to seek out the truth, if it can be found.

Overcast says:

Whoever expects the government to be an efficient machine and/or solve the problems of the world, should really see a therapist.

And the GAO could help to insure the overall security of government systems by not advertising this… we are all on the same team, right? You know – I don’t think that’s the case anymore.

How’s that saying go? United we Stand, Divided we fall…

Bot TT says:

If fed agencies comply with their own standards, m

Most agencies these days are following federally mandated federal information processing standards (FIPS) which set some very strict standards for security. More details can be found here:

but the bottom line is, if agencies receive proper funding for their security efforts, they can usually comply, and that compliance makes a big difference.

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...