Pentagon: Deutch Did No Harm

[InfoSec News <isn () C4I ORG>]

http://washingtonpost.com/wp-dyn/articles/A9208-2001Jan31.html

By Vernon Loeb
Washington Post Staff Writer
Thursday, February 1, 2001; Page A10

A Pentagon investigation has concluded that former CIA director John
M. Deutch did not compromise U.S. national security by storing
classified information on unsecure computers while serving at the
Defense Department, a senior Pentagon official said yesterday.

As he prepared to leave office last month, President Bill Clinton
pardoned Deutch for writing and storing hundreds of pages of highly
classified intelligence and defense information on unsecure home
computers as CIA director and, before that, as undersecretary and
deputy secretary of defense.

The pardon came one day after Deutch had agreed to plead guilty to a
misdemeanor for unauthorized removal and retention of classified
documents, and it caught prosecutors by surprise.

The new Pentagon report, which defense officials hope to release
today, represents a postscript to years of controversy over Deutch's
security lapses. Because his unsecure laptop, desktop and home
computers were linked to the Internet, the classified material he
mishandled was subject to possible compromise by computer hackers.

In the damage assessment, however, Pentagon computer security experts
found no evidence that any of the information contained in a
1,000-plus-page journal kept by Deutch on his computers and stored on
a portable disk had been compromised.

"There was plenty of classified stuff in there," the official said.
"But we've had the techies look for trap doors, and there is no
evidence that anything like that occurred."

CIA investigators have reached a similar conclusion, saying they have
no evidence that any classified CIA material mishandled by Deutch was
obtained by hackers or other unauthorized people.

A report by the Defense Department inspector general concluded late
last year that Deutch committed a "particularly egregious" violation
by using unsecure computers at home and in his Pentagon office from
1993 to 1995 while he was serving as undersecretary and deputy
secretary of defense.

As part of the inspector general's review, investigators found seven
desktop and laptop computers that Deutch used at the Pentagon but
found no classified information stored on their hard drives. But the
review did not include an assessment of whether Deutch's journal had
been compromised by hackers.

Within days of Deutch's departure from the agency in December 1996,
CIA computer security employees discovered classified material on his
home computers and began an investigation. The Pentagon inspector
general later determined that Deutch mishandled defense data by using
unsecure computers linked to the Internet.

Long before his pardon, Deutch had been stripped of all of his
security clearances by the CIA and the Pentagon as punishment for
violating computer security procedures.

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".