[Clips] Security 2.0: FBI Tries Again To Upgrade Technology

R.A. Hettinga rah at shipwright.com
Mon Oct 31 07:32:02 EST 2005

--- begin forwarded text

 Delivered-To: clips at philodox.com
 Date: Mon, 31 Oct 2005 07:29:37 -0500
 To: Philodox Clips List <clips at philodox.com>
 From: "R.A. Hettinga" <rah at shipwright.com>
 Subject: [Clips] Security 2.0: FBI Tries Again To Upgrade Technology
 Reply-To: rah at philodox.com
 Sender: clips-bounces at philodox.com


 The Wall Street Journal

  October 31, 2005

 Security 2.0:
  FBI Tries Again
  To Upgrade Technology
 October 31, 2005; Page B1

 As the fifth chief information officer in as many years at the Federal
 Bureau of Investigation, Zalmai Azmi faces a mystery: How to create a
 high-tech system for wide sharing of information inside the agency, yet at
 the same time stop the next Robert Hanssen.

 Mr. Hanssen is the rogue FBI agent who was sentenced to life in prison for
 selling secret information to the Russians. His mug shot -- with the words
 "spy, traitor, deceiver" slashed across it -- is plastered on the walls of
 a room at FBI headquarters where two dozen analysts try to track security

 Mr. Hanssen's arrest in February 2001, and his ability to use the agency's
 archaic system to gather the information he sold, led FBI officials to want
 to "secure everything" in their effort to modernize the bureau, Mr. Azmi
 says. But then, investigations after the Sept. 11 terrorist attacks showed
 that FBI agents had information about suspected terrorists that hadn't been
 shared with other law-enforcement agencies. So then "we said, 'Let's share
 everything,'" Mr. Azmi says.

 Since then, the FBI spent heavily to upgrade its case-management system,
 from one that resembled early versions of personal computers -- green type
 on a black computer screen, requiring a return to the main menu for each
 task -- to a system called Virtual Case File, which was supposed to use
 high-speed Internet connections and simple point-and-click features to sort
 and analyze data quickly.

 But after four years and $170 million, the dueling missions tanked the
 project. FBI Director Robert Mueller in April pulled the plug on the much
 ballyhooed technology amid mounting criticism from Congress and feedback
 from within the bureau that the new system wasn't a useful upgrade of the
 old, rudimentary system. As a result, the FBI continues to use older
 computer systems and paper documents remain the official record of the FBI
 for the foreseeable future.

 Highlighting the agency's problems is the recent indictment of an FBI
 analyst, Leandro Aragoncillo, who is accused of passing secret information
 to individuals in the Philippines. After getting a tip that Mr. Aragoncillo
 was seeking to talk to someone he shouldn't have needed to contact, the FBI
 used its computer-alert system to see what information the analyst had
 accessed since his hiring in 2004, a person familiar with the probe said.
 The system didn't pick up Mr. Aragoncillo's use of the FBI case-management
 system as unusual because he didn't seek "top secret" information and
 because he had security clearances to access the information involved, this
 person said.

 The situation underscores the difficulties in giving analysts and FBI
 agents access to a broad spectrum of information, as required by the 9/11
 Commission, while trying to ensure rogue employees aren't abusing the
 system. It's up to Mr. Azmi to do all this -- without repeating the
 mistakes of Virtual Case File.

 Much is at stake: FBI agents and analysts are frustrated by the lack of
 technology -- the FBI finished connecting its agents to the Internet only
 last year -- and Mr. Mueller's legacy depends on the success of this
 effort. The FBI director rarely appears at congressional hearings or news
 conferences without his chief information officer close by these days.

 An Afghan immigrant, the 43-year-old Mr. Azmi fled his native country in
 the early 1980s after the Soviet invasion. After a brief stint as a car
 mechanic in the U.S., he enlisted in the Marines in 1984 and spent seven
 years mainly overseas. A facility for languages -- he speaks five -- helped
 him win an assignment in the Marines working with radio communications and
 emerging computer technologies.

 When he returned to the U.S., he joined the U.S. Patent and Trademark
 Office as a project manager developing software and hardware solutions for
 patent examiners. He attended college and graduate school at night,
 obtaining a bachelor's degree in information systems from American
 University and a master's degree in the same field from George Washington
 University, both in Washington, D.C. Afterward, he got a job at the Justice
 Department in which he helped upgrade technology for U.S. attorneys across
 the country.

 That is where he was working when terrorists attacked Sept. 11, 2001. On
 Sept. 12, armed with two vans of equipment, Mr. Azmi and a team of
 engineers traveled from Washington to New York, donned gas masks, and broke
 into the U.S. Attorney's office near the World Trade Center to secure
 information and get systems up and running. Within 48 hours, the network
 was back online.

 Then he says he got a call from a friend from his military days, who asked,
 "Do you want to watch the news or make the news?" Mr. Azmi headed back to
 Afghanistan, where he spent two months crawling through the mountains with
 a special-operations unit searching for Osama Bin Laden. He won't say
 whether he did this in a civilian capacity.

 Mr. Azmi eventually returned to the Justice Department. In November 2003,
 Mr. Mueller plucked him to join the FBI, promoting him in May 2004 to be
 chief information officer. At the time, the Virtual Case File system was
 delayed but there was still hope it could work. Early this year, however, a
 field test in the FBI's New Orleans office determined the setup wouldn't
 satisfy the agency's needs. Mr. Azmi was ordered to start over from scratch.

 Its replacement, dubbed Sentinel, is supposed to be bigger than just a
 case-management system, incorporating search-engine tools for investigation
 and efficiency improvements to decrease the FBI's reliance on paper. The
 bureau currently uses more than 1,000 paper forms to do everything from
 asking permission to take a trip to wiring an informant with a body

 The road map for the project, housed in a two-inch-thick binder that Mr.
 Azmi frequently pats, is based on input from hundreds of managers and
 rank-and-file employees at the bureau about their needs and processes.
 Before, Mr. Azmi says, "we didn't have a blueprint. We all decided to build
 a house, but no one knew what the foundation was going to look like."

 The project won't be completed until 2009 and is likely to cost hundreds of
 millions dollars more. No official estimate of the price will be provided,
 FBI officials say, until after the contract is awarded in November.

 At its core, though, Sentinel will be successful only if it threads the
 needle of sharing and securing information for only those who need to see
 it. Making the task more difficult is the size and disparity of the FBI's
 technology needs. For example, the bureau has four separate computer
 networks -- Top Secret, Secret, Classified and Sensitive but Unclassified.
 The Secret database alone is subdivided into thousands of compartments that
 house information on grand juries, among other things.

 By comparison, "we had one network at the National Security Agency that we
 did everything on," says Jack Israel, a 25-year NSA veteran and now the
 FBI's chief technology officer who works for Mr. Azmi. The NSA network was
 "secret," thus viewed only by those with security clearances at that level.
 But a single report filed by an FBI agent could include information that
 falls into all four categories, meaning walls must be erected around data
 so its existence is known only by those with authorization.

 Instead of doing what's known as a "flash cutover," or taking down the old
 system completely and turning on the new, as was previously planned, Mr.
 Azmi has opted for a gradual approach. It is already under way.

 So far, all of the information stored in the old, rudimentary system has
 been copied -- four billion records, or three terabytes of data -- into a
 provisional system known as the Independent Data Warehouse. While it
 doesn't put to rest the security issues raised in the Aragoncillo case, the
 database, used by some 8,000 employees, allows information to be accessed
 and manipulated through an easier Internet-style connection. An internal
 search engine is being tested by the FBI's counterterrorism and
 counterintelligence units that will allow users to pictorially chart how
 various people and groups connect to each other.

 It is all part of Mr. Azmi's plan to make the FBI more like his favorite
 crime drama, "24" on Fox Television. Though the show is based on the CIA,
 its lead character, agent Jack Bauer, "always has the right information
 available at the right time. ... That's the goal for the FBI."

 R. A. Hettinga <mailto: rah at ibuc.com>
 The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
 44 Farquhar Street, Boston, MA 02131 USA
 "... however it may deserve respect for its usefulness and antiquity,
 [predicting the end of the world] has not been found agreeable to
 experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
 Clips mailing list
 Clips at philodox.com

--- end forwarded text

R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list