April 09 Issue - Employee Monthly Magazine

Goal: Implement an information security system that reduces risk while providing exemplary service and productivity

Emergency exercise tests Lab’s IT security

Monique Sanchez and Dale Leschnitzer prepare an emergency exercise. Photo by Richard C. Robinson

It’s any organization’s worst nightmare: a malicious insider infects its operational systems with a worm that diverts funds to a bogus bank account, leaks confidential employee information to outsiders, and then causes a total system shutdown. Far fetched? Not really.

Worms that corrupt databases, exploit default accounts and passwords, create false accounts with far-reaching privileges, and communicate with off-site servers are more common than we’d like to believe, said the Lab’s Information Technology Contingency Planning Coordinator Dale Leschnitzer.

Leschnitzer, whose nickname is “Master of Disaster,” recently led a desktop emergency exercise to safeguard the Lab’s information security and protect the integrity and functionality of its business systems. The National Nuclear Safety Administration requires the exercise annually.

“The Contingency Planning for Business Systems Drill is vital, not just for compliance purposes, but to ensure continuity of business operations in the event of a disaster,” said the Lab’s chief information officer, Thomas Harper.

The exercise allowed participants to build emergency response skills by playing out a fictitious scenario wherein a malicious insider had corrupted the Lab’s Oracle system. Critical services and activities, such as employee payroll, security badging, staff information systems, and accounts payable, were jeopardized.

Monique Sanchez of Emergency Planning and Preparedness coordinated the drill at the Laboratory’s Emergency Operations Center. “We discussed how emergency operations would operate without these important systems,” she said.

The scenario was based on real events, Leschnitzer added. “New Mexico Tech recently had funds diverted to false but legitimate-sounding bank accounts,” he said. “And the City of San Francisco’s network was hijacked for months by a malicious insider.”

About 70 participants and observers from the Associate Directorate for Business Services, Associate Directorate of Engineering, Chief Financial Officer, Information Resource Management, Cyber Security Incident Response Team, Communications and Government Affairs, Emergency Response, Security, Desktop Support, Los Alamos Site Office, National Nuclear Security Administration, and Sandia National Laboratories attended the event.

--Tatjana K. Rosev

Other Headlines

• CMRR is going "green"
• Lab develops new energy-storage solutions
• Computing systems whiz named LANL Star
• Piling on to tackle the nation's energy needs
• Lab technology to ENABLE energy independence
• My View: Energy-wise for a brighter future (Mike Mallory)
• Kudos
• Notebook
• Our Goals: Emergency exercise tests Lab's IT security
• Spotlight: New EAP counselor promotes positive thinking