Feb 11, 2009

Memo: 67 computers missing from Los Alamos lab

By JOAN LOWY, Associated Press

WASHINGTON (AP) — The Los Alamos nuclear weapons laboratory in New Mexico is missing 67 computers, including 13 that were lost or stolen in the past year. Officials say no classified information has been lost.

The watchdog group Project on Government Oversight on Wednesday released a memo dated Feb. 3 from the Energy Department's National Nuclear Security Administration outlining the loss of the computers.

Kevin Roark, a spokesman for Los Alamos, on Wednesday confirmed the computers were missing and said the lab was initiating a monthlong inventory to account for every computer. He said the computers were a cybersecurity issue because they may contain personal information like names and addresses, but they did not contain any classified information.

Thirteen of the missing computers were lost or stolen in the past 12 months, including three computers that were taken from a scientist's home in Santa Fe, N.M., on Jan. 16, and a Blackberry belonging to another employee was lost "in a sensitive foreign country," according to the memo and an e-mail from a senior lab manager.

The e-mail was also released by the watchdog group.

The theft of the three computers in January triggered the inventory and a review of the lab's policies regarding home use of government computers, Roark said.

Only one of the three computers stolen from the employee's home was authorized for home use, which raised concerns "as to whether we were fully complying with our own policies for offsite computer usage," he said.

Roark said computers with classified information are "kept completely separate from unclassified computing."

"None of these systems constitute a breach of a classified system," he said.

The e-mail from Los Alamos senior manager Stephen Blair to lab co-workers said the missing computers and Blackberry were "garnering a great deal of attention with senior management as well as (nuclear security administration) representatives."

The security administration memo said the "magnitude of exposure and risk to the laboratory is at best unclear as little data on these losses has been collected or pursued given their treatment as property management issues."

The lab, located in Los Alamos, N.M., employs about 10,000 people.

41 comments:

Anonymous said...

Heh, our group leader made everyone turn in their notebooks to salvage a year and a half ago. What's really funny is this group leader has like five desktops and notebooks on their property statement, yet you only see one in their office.

40,000 computers at LANL? That comes out to a server, desktop, laptop and PDA for every employee, right?

Anonymous said...

So, LANL lost 13 of 40,000 computers last year. As far as the GSA requirement for property accountability, we are far exceeding the standard.

We know that three of the laptops were lost due to a burglary.

This really doesn't seem to be anything but outstanding performance.

I think that this shows what a bunch of idiots the POGO people are.

Anonymous said...

The article states "Additionally, the Los Alamos Site Office (LASO) expressed frustration with LANL's decision to treat the lost computers merely as a property management issue, and not as a potential lapse in cyber security."

What else could it be? The laptops were taken in a burglary. Unless the person who had them had put stuff on the laptops that should not have been there, all that is lost is his work. You really can't get into the LANL network without a cryptocard!

The LANL Site Office is full of fools!

Anonymous said...

This statement was in the article:
"But, the true test of how rigorous the government will be in holding the Lab to high security standards will be whether LASO significantly cuts LANL's contract performance fees for FY09."

Now that does not seem fair!

MIKEY

Anonymous said...

so we are missing somewhere between 0.1-0.2%? WOW! this truly is a non-issue. those idiots from POGO should really put this into perspective.

"Only one of the three computers stolen from the employee's home was authorized for home use, which raised concerns "as to whether we were fully complying with our own policies for offsite computer usage," he said."

is this statement true? i thought all of the laptops had a property justification form.

does anyone else imagine kevin roark looking like scott mcclellan or is it just me?

Anonymous said...

It seems some commenters on this blog feel LANL is being picked on. 5:58 says, "so we are missing somewhere between 0.1-0.2%? WOW! this truly is a non-issue."

Does anyone know if computers go missing or are stolen at other labs?

Anonymous said...

The article doesn't seem to indicate a time frame when these 67 computers went missing. It could be over several years.

Also, were some of these 67 computers LANL-use-only (ie, perhaps miss-placed lab property) or were all 67 of these PCs on the list for travel/home use?

POGO seems intent on fanning the flames of a non-event to slime LANL in any way that they can. However, this story has now taken on focus from DOE HQ and Congress, thanks to POGO, and LANL is about to be hit right between the eyes for this non-event. I would dearly love to know who within LANL has decided to pass internal lab emails along to POGO!

Anonymous said...

Who wants to bet that because LANL's "cancer" is out of remission again, LLNL is going to get chemotherapy?

Anonymous said...

"The lab, located in Los Alamos, N.M., employs about 10,000 people." (Article)

Make that: "it use to employ about 10,000 people".

It's now down to about 9,500 and shrinking quickly, especially in terms of the scientific staff. Once Domenici's estimate of about 2000 more employees are finally laid off, we should hit a level of about 7,500 employees. This should occur sometime between now and Jan 2010. It's all downhill from here.

Anonymous said...

The memo cited here was an NNSA memo that went from Don Winchell (LASO Manager) to Mike Anastasio.

The question I have is, who passed this latest memo on to POGO? Was it someone within LASO, DOE HQ or perhaps someone within the Director's own office?

And why did they pass it to POGO? What was their motive, other than an attempt to disgrace both DOE/NNSA and LANL?

Anonymous said...

The POGO mole working close to LANL management has really been up late nights and weekends to be sure to forward all the management communications on to their handlers.

This person(s) have been working for POGO at LANL for at least a decade, probably longer.

I wonder how good they feel drawing a paycheck for a job when their real work lies in damaging the lab and seeing their coworkers laid off?

It's got to feel GOOD being so righteous!

Anonymous said...

All that is left to be done is for Sen. Udall and Sen. Bingamin to now come out and announce that they're very disappointed in LANL because of this bad news.

This will give them some political cover when massive layoffs finally hit the lab sometime next year.

Anonymous said...

"What was their motive, other than an attempt to disgrace both DOE/NNSA and LANL?"

Why are you so quick to be negative? Their motive was probably to shine a light on mistakes so that the lab could improve. This is an opportunity for lessons learned.

Anonymous said...

Hooray! They are going to shut down the lab! That is what we all wanted, right? Right? Anyone? Hooray?

Anonymous said...

6:43...
Work here? I think not, with such a naive statement. I believe if you knew the way government REALLY works and the games the outsiders like to play it would make you physically sick to your stomach.

Anonymous said...

"Does anyone know if computers go missing or are stolen at other labs?"

Business and education are far worse than labs, but yes, other labs doubtless have this problem.

I found this site just by googling "lost data statistics", it was the second hit:http://datalossdb.org/. I expect POGO could have done this as well.

These statistics are fascinating. They also indicate why the POGO stories are so pointless -- no context. Did POGO look at common statistics? No, they just took the opportunity to slam LANL. These types of tactics do harm to POGOs reputation, such as it is.

Fact is, as the statistics show, that computer and data loss will not end, even if computers are no longer allowed to be taken home. It is also true that 67 missing computers out of 40,000 is a pretty good record.

Finally, while I am no longer at LANL, while I was there I knew lots of people who used their laptops to work at home, on the plane, and in the evenings while on travel. Almost nobody I know stopped working off-site or when 40 hours was reached. There are lots of hard workers at LANL. It would have been very hard to get my work done without the laptop. Even a week long outage is a major headache.

Anonymous said...

"They also indicate why the POGO stories are so pointless -- no context."

Exactly!!!!

Anonymous said...

Statistics don't matter when it comes to LANL. After almost 10 years of this crap coming down on the lab again and again and again, haven't you finally realized this simple fact?

You work at LANL. Everything must be done in a perfect manner at this lab. No flaw is too small to be exposed and used to beat the employees over the head and crush staff morale. Even six-sigma is not good enough when it comes to LANL. Whenever things are not perfect, LANL will be punished and ridiculed, yet again, by Congress and the media. LANS is also getting paid to do this to the staff and they are getting paid very well.

The beatings will continue until (a) morale improves, and (b) LANL is perfect at all times. That's the way NNSA and Congress want it to be. That's the place you work at when you take a job at LANL. That's the reason why many scientists at this lab have finally decided enough is enough and have move on to better places at which to do their research and keep their sanity.

And, by the way, this story just got placed on the Drudge Report, so all of Washington DC will soon be reading it. Incoming!!!!....

Anonymous said...

2/12/09 9:13 AM - give it up. It is a fight against windmills. It doesn't matter for all the LANL bashers that such problems are common throughout national labs, all the three-letter agencies, universities, companies, probably with higher incident rate than at LANL. But unfortunately, LANL was, is and always will be under the microscope. And, as you mentioned, all these brainless activities at LANL to hunt down such "rogue" computers and to make LANL "safe" just makes work harder and harder. I have worked at LANL for quite a while. I left a year ago for academia.

Anonymous said...

Soooooo, how exactly do they know there is no classified information on these computers. Just askin'.

Frank Young said...

Because Kevin said so. What, isn't that a good enough explanation?

Anonymous said...

2:21 here. Thanks, Frank, that's good enough for me!

Anonymous said...

Pulled this comment off of the KOBTV website (www.kobtv.com/):

It is clear that a number of the commentors here are clueless about the magnitude of "losing" 67 out of 40,000 computers over a five year period. A number of those computers are known to have been stolen. Even if all 67 were "misplaced," that means that 99.84% were present and accounted for. In any industry or government organization, that would be an enviable performance!

Frank Young said...

The last time I priced laptops there were models with 250 Gig hard drives. You don't need to steal 67 computers to walk away with invaluable secrets. Just one will do if you get the right one.

Anonymous said...

Oh Frank, I didn't know that you are at the forefront of the "Workfree Safety Zone". Because if you want to be sure that none, nada, zilch computers will be misplaced or stolen, just put them in a vault of a Swiss Bank. Access will then be slightly difficult afterward.

And as solution to a 100% prevention of stealing data is having no data at the first place. Here I would suggest to remove any kind of storage device, including the system RAM.

Frank Young said...

I never said people shouldn't have laptops. My original question was why does somebody have three. I later asked why nobody knows how many are off site. Now suddenly there are 67 missing. Or is it 69? Or 80?

Saying "99.84% were present and accounted for" is really meaningless. 100% of the ones that are missing are missing. At least we have some idea of what that number is now.

Anonymous said...

BUT,

We don't know how many of those had classified material on them.

Remember John Mitchell.

Anonymous said...

Since the "beatings" will now be applied to LANL by DOE HQ, I'm just curious how many lost or stolen laptops there are over at DOE HQ? How about those lost by the other DOE labs?

Of course, releasing that data might embarrass DOE, so don't expect to see it anytime soon. That is, unless Dr. Chu really is a different kind of guy leading the DOE.

Anonymous said...

If LANS management study http://datalossdb.org/reports that report OSF Data Loss Reports between 2000-2009, LANL, LLNL, SNL, NNSA, DOE, DoD, due to actual data loss reports doesn´t appear to be overly irresponsible within computer- and cyber security.

POGO and their likes, LASG, ANA, FCNL are essentially parasitical in nature against LANL, and the NWC in general, they wouldn´t exist if LANL, and the NWC didn´t exist, e.g. they are: Viruses.

PS. MilitaryTimes.com previously reported on:

Open Security Foundation

Data Loss Database - 2009 yearly report

http://datalossdb.org/yearly_reports/dataloss-2009.pdf

ID: 1547.
Reported: 2009-01-26.
Records: ?
Orgs: U.S. Department of Defense.
Summary: 60 sensitive files found on 2nd hand MP3 player.
Data Types: NAA.

PPS. LANL: The Rest of the Story, 2/1/09 12:54 AM, last paragraph:

If you know the track records of The White House, the Military, Congress, DoD, DOE, NNSA, DHS, FBI, CIA, NSA, State Department, Defense Contractors, LLNL, SNL, et cetera, regarding this matter, i.e. the risk of losing sensitive information, to any adversary, then you will know how bad or! good LANL is performing, as well as to protect against cyber-attacks from any adversary, especially China and Russia, as well as the naive and illthought idea of the then Senator Barack Obama to once again "resume laboratory-to-laboratory exchanges that were terminated in the 1990s.", between US and China, and "We [US and China] are not enemies," then Senator Barack Obama in an interview with Arms Control Today, www.armscontrol.org/system/files/Obama_Q-A_FINAL_Dec_10_2008.pdf, with the risk of losing US nuclear weapons secrets to China, and if you know the answer to everything previously mentioned, then you will grasp how the status of LANL is regarding, the risk of losing classified information to an adversary, in comparison to any other (government) institution, and not excessive interest of LANL, that in reality will gain the adversaries of US, and as a consequence will weaken US national security.

Anonymous said...

Does anyone know if computers go missing or are stolen at other labs?

i'VE TAKEN ONE FROM EACH OF THE LABS i'VE WORKED AT....

Anonymous said...

wHNE WE COME UP SHORT IN PROPERTY MANAGEMENT. wE JSUT SAY WE HAVE EM.
WHOSE GONNA NOTICE?

wHY BE HONEST IF I GETS YOU IN SUCH HOT WATER?

WHAT LOBSTER LEAPS INTO THE POT?

Anonymous said...

"...No flaw is too small to be exposed and used to beat the employees over the head and crush staff morale..."

SO USE YOUR HEAD. WHY HELP THE PROCESS ALONG?

SLOW DOWN AND THINK

Anonymous said...

Since crazy caps seem to be in vogue with the AD level folks here, HOW CAN WE GO ANY SLOWER? WORK HAS BEEN ALL BUT STOPPED AT LANL FOR YEARS. DO YOU UNDERSTAND NOW?

Anonymous said...

The LANS ADs and PADs types have to think BIG! Thus, the need for all caps to convey their BIG THOUGHTS (and swollen heads).

In the words of our illustrious NNSA chief, Tom D'Agostino, it's all part of "GETTING THE JOB DONE!"

Anonymous said...

When is DOE going wake up and realize LANS continues to outsmart them. They have covered up safety problems and security problems and DOE keeps buying their stories. DOE-get your act together.

Anonymous said...

2/12 6:10 pm: "BUT,

We don't know how many of those had classified material on them."

If they had classified information on them, it doesn't matter whether they were stolen or not. The potential compromise is the same, according to DOE.

Anonymous said...

LANS steals 10's of millions of dollars in unearned fees every year, and the DOE is worried about a few missing laptops? Time for a little perspective here.

LANS managers and board members get caught red-handed mishandling classified matter but nothing happens, yet the DOE is worried about a few misplaced unclassified laptops? Time for a little perspective here.

Anonymous said...

"..yet the DOE is worried about a few misplaced unclassified laptops? Time for a little perspective here." - 9:21 PM

More like, time to consider ending this insanity and move the weapons labs over to DOD. DOE/NNSA mis-management of the labs will never get any better. It will only get worse with time. They are killing off the NNSA labs. Isn't that clear?

Anonymous said...

Here are some interesting facts on laptop thefts in the US:

- The number of laptop thefts increased 48% in the last 2 years (Source: FBI)

- About 12,000 laptops are lost or stolen in US airports every week (Source: Ponemon Institute)

One way to mitigate the damage of lost or stolen laptops at LANL would be to require that all new laptops must use disk-level encryption. That would help moderate a lot of the fear when laptops go missing. Bit-level disk encryption is built into the Enterprise edition of MS Vista. MacOSX is also upgrading the disk level encryption available in their products.

LANL is suppose to be a place where the "best and brightest" work. How about using some technology to help solve the problem rather than going into a panic when things go awry?

Anonymous said...

It is unfortunate that Los Alamos has lost some laptops. However, every large organization loses computers and phones. These are unclassified systems. Classified systems are controlled much more carefully. Staff members routinely take laptops while on travel and to home to do unclassified work (as do scientists at any other organization). Now Los Alamos will not allow computers to be taken out of the lab.

This is a good thing? People, please take a deep breath and try to realize that there is a lot of unclassified work that is done at Los Alamos and dedicated scientist do work very hard on those projects, and they do this even outside of the normal work day. The continual hyperventilating like this over minutia makes me very glad I left Los Alamos a couple years ago.

In addition, focusing attention on lost laptops (WITH NO CLASSIFIED INFORMATION) takes away from important issues like protecting CLASSIFIED INFORMATION. Recall that when the lab was focused on people accidentally bringing in cell phones classified information went out on a USB drive. Los Alamos needs to focus on securing classified information, not this.

Los Alamos should work to minimize losses like this, but this is not worth destroying the place as a viable place to do science. Maybe too late anyway...

So glad to be gone...

Anonymous said...

"Los Alamos should work to minimize losses like this, but this is not worth destroying the place as a viable place to do science." (1:51 PM)

You do realize that the LANS for-profit $80 million annual fees are largely based on zero safety and security incidents, right?

Believe me, the place has radically changed since you left a couple of years ago. I doubt you would even recognize it if your returned.