About Us
Mission Statement
Rules of Conduct
Remember Me

Outsourcing: The Best Security that can be Hacked
Author: Raine    Date: 08/07/2014 13:07:29

Earlier this week,the website The Intercept reported that yet another member of the intelligence community may be leaking government information. Yes, another NSA leaker. This time it's about the massive watch list that has been accumulating in the aftermath of the 2001 attacks on America. It's not good. It's bloated and - if this is correct - it is out of control. I'm not only talking about the watch list - I am talking about security clearance again.

Last June, while the entire nation was discussing the things Edward Snowden may have given to publications like the Guardian and the Washington Post along with nations such as China and Russia, there were people in DC actually asking how such sensitive information could have been taken. I wrote about it. My post June 2013, over a year ago, has not been altered in any way.
Then, tonite -- I read something very interesting. We are outsourcing background checks for contract jobs that are critical to our national security.

It's high time we talk about the ongoing privatization of things that used to be governmental responsibilities - Security Clearances in particular. Case in point:
Patrick McFarland, the inspector general at the Office of Personnel Management, said during a Senate hearing that the contractor USIS is being investigated and that the company performed a background investigation of Edward Snowden.

McFarland also told lawmakers that there may have been problems with the way the background check of Snowden was done, but McFarland and one of his assistants declined to say after the hearing what triggered the decision to investigate USIS and whether it involved the company's check of Snowden.
Did you grasp that? let me drive it home a little more :
USIS is a private company based in Falls Church that has done, under contract to OPM, a large portion of the background inquiries, including Snowden’s reinvestigation. USIS, itself, is under investigation.

Michelle B. Schmitz, OPM’s assistant inspector general for investigations, told the hearing that USIS has been under investigation since late 2011 in a “complicated contract fraud case.” Inspector general officials provided no details about that investigation.
News broke yesterday that USIS - the same company that gave Edward Snowden a high level security clearance - suffered from a major security breach.
The breach, discovered recently, prompted DHS to suspend all work with USIS as the FBI launches an investigation. It’s unclear how many employees were affected, but officials said they believe the breach did not affect employees outside DHS. Still, the Office of Personnel Management has also suspended work with the company “out of an abundance of caution,”a senior administration official said. (snip)

The intrusion is not believed to be related to a March incident in which OPM’s databases were hacked, said officials, some of whom spoke on the condition of anonymity because they were not authorized to speak for attribution. That intrusion was traced to China and none of the personal data, which was encrypted, were stolen.

In the DHS case, said a second senior administration official, “We have an inclination that, based on what the company has been telling us, there has been a spill. The degree to which that information has been exfiltrated for other purposes is what we’re trying to discern now.”
Frances X. Clines - a member of the NYT Editorial Blog - wrote of USIS a little over a week ago, and before this newest breach:
Running security background checks on government job applicants has become a booming private industry in Washington’s war on terror. It’s such a busy sector that one of the many workers vetting citizens managed to review 15,152 clearance cases in a single month last year. That’s about one and a half cases per minute handled by the employee, not allowing for bathroom breaks.

The worker has remained anonymous despite emerging as the Paul Bunyan of bureaucrats in an inspector general’s report detailing gross corner-cutting by a private contractor — USIS or U.S. Investigations Services. For those keeping score, that’s the same contractor that the Justice Department previously accused of signing off fraudulently on more than 650,000 incomplete security checks. That process is called “dumping” or “flushing” — a speed-up to meet productivity demands for the government, which needs to conduct more than two million background checks a year for the Pentagon alone.

What price security is the question threading through the foibles of USIS’s multi-billion-dollar work history. An answer was supplied with the recent news that the company was awarded a new $190 million government contract with the Department of Homeland Security — a development that has roiled members of Congress demanding to know how this could be. (In their dudgeon, lawmakers ignored the fact that Congress, in the frantic days after 9/11, mandated that 90 percent of security clearances be processed within 60 days.)
Here is the very under-reported story about flushing, for those interested.

We talk a lot about security in this Country, but as I've said before, as long as that security is for sale, we are just extras in a bad theatre production. I don't know who this newest leaker is, but if recent history is any clue, I would not be surprised if they were rubber-stamped by USIS. That is troubling. If our government cannot handle the onslaught of security clearances required, we either have to reduce the number of them or return this practice back to the government itself by hiring more workers. As I said over a year ago, maybe it's time to stop outsourcing government -- it cannot continue both ways. We cannot have security while embracing privatization. I'm not against government contracting -- I'm against contracting out to private companies that have a say in who gets security clearances.

Security clearances should be solely left to the government -- they should not be outsourced.

The very company hired to approve security clearances has proven itself to be quite insecure.


30 comments (Latest Comment: 08/07/2014 20:37:03 by Mondobubba)
   Perma Link

Share This!

Furl it!