Visit Kentucky's First District
|
Visit Washington, D.C.
Biography
Official Photograph
District Information
Visiting the District
Agriculture
Defense
Economy
Education Reform
Energy
Family Values
Health Care
Homeland Security
Law Enforcement
Prescription Drugs
Social Security
Second Amendment
Telecommunications
Transportation
Veteran's Affairs
Help With A Federal Agency
Federal Job Postings
Help with Federal Grants
Internships
Obtaining a Federal Document
Presidential Greetings
Federal Government Links
Flag Requests
Visiting Washington, D.C.
Student Resources
Service Academy Nominations
Congressional Art Contest
The Congressional Youth Leadership Council
you are here:
Home
/
News
/
Security Breaches at DOE Not Reported to Top-Level Officials
News
News | Congressman Ed Whitfield | United States Representative
Security Breaches at DOE Not Reported to Top-Level Officials
June 9, 2006
WASHINGTON - U.S. Rep. Ed Whitfield, Chairman of the House Energy and Commerce Subcommittee on Oversight and Investigations, on Friday held a hearing to examine vulnerabilities with the computer and information security systems at the U.S. Department of Energy (DOE).
Friday's hearing is the latest development in an investigation started by the Subcommittee in 2001 to review DOEs cyber security policies. DOE has encountered significant challenges implementing a security program to protect sensitive national security, financial, and operational information against computer hackers. A 2005 report by the DOE Office of Inspector General (OIG) found pervasive security vulnerabilities throughout the Department's computer and information management systems. Witnesses answered questions about the cyber security shortcomings identified in the report and what steps DOE was taking to improve its security efforts.
Under direct questioning by the Subcommittee, Under Secretary of Energy for Nuclear Security Linton F. Brooks revealed that sensitive information, including personal information of 1,500 employees, contained on DOE systems had been compromised by computer hacker attacks. Pressed further, Brooks acknowledged that although he was aware these files were lost since September of 2005, he did not inform his superiors, namely Energy Secretary Samuel Bodman, of the security breach. Subcommittee Members expressed alarm at DOE's response to the breach and questioned why the Department had not done more to protect sensitive information contained on its systems.
Witnesses told the Subcommittee that protecting DOE computer systems has become more difficult because the number of computer hacking attacks has risen exponentially in recent years. In response to the growing threat environment, Gregory Friedman, Inspector General at DOE, told Whitfields Subcommittee that the Department spends nearly $2 billion each year to manage its computer information systems, some of which contain highly classified national security information and sensitive financial data critical to DOEs operations.
Other witnesses seemed resigned that hackers had an edge on DOE. "[T]here is no such thing as no risk and no such thing as perfect cyber security," said Thomas N. Pyke, Chief Information Officer at DOE.
Whitfield said that DOE had to step-up its efforts to protect its computer systems. "The Department has an obligation to always remain vigilant against future computer attacks, and it is absolutely critical that the Department come up with a strategy that will keep sensitive, protected materials out of reach for those who wish to do us harm. As evidenced by the breach of DOE systems and the removal of personal files of 1,500 employees, government information can and will fall into the wrong hands if safeguards are not put in place and monitored closely."
Back to headlines
