Another Breach of Contractor-Protected Critical Infrastructure
In my never-ending campaign to document all the ways the private sector is a bigger risk to our critical infrastructure than terrorists, hackers, political activists, or average citizens, take a look at the job Raytheon’s $100 million security system for JFK Airport has done.
Daniel Casillo, 31, was able to swim up to and enter the airport grounds on Friday night, past an intricate system of motion sensors and closed-circuit cameras designed to to safeguard against terrorists, authorities said.
[snip]
“We have called for an expedited review of the incident and a complete investigation to determine how Raytheon’s perimeter intrusion detection system-which exceeds federal requirements-could be improved. Our goal is to keep the region’s airports safe and secure at all times,” the Port Authority said in a statement.
This comes just weeks after an 82 year old peace activist was able to breach the security provided by failed Olympic security contractor G4S. In response to that failure, POGO is calling out Energy Secretary Steven Chu for his history of outsourcing to poorly-overseen contractors.
Energy Secretary Steven Chu said in a statement provided to the Knoxville News Sentinel on Monday: “The department has no tolerance for security breaches at any of our sites, and I am committed to ensure that those responsible will be held accountable.” But there is no denying that Y-12 [the actual part of Oak Ridge breached] was a giant failure of federal oversight. Now the people being axed are lower-level employees rather than those who have allowed the security standards to fall far below acceptable levels, such as Secretary Chu, himself.
Secretary Chu should be the first on the chopping block. He has been preaching for years that government overseers should get off the back of the contractors and everything will be fine. Then, of course, he is shocked when Y-12 is successfully attacked by an 82-year-old nun.
After only one year in the position, Secretary Chu’s deputy secretary, Daniel B Poneman, sent a memorandum (PDF) to the department with a safety and security reform plan aimed at curtailing pesky government oversight. “Contractors are provided the flexibility to tailor and implement safety programs in light of their situation without excessive Federal oversight or overly prescriptive Departmental requirements,” the memo said.
It should be clear by now that the current culture at DOE and its semiautonomous National Nuclear Security Administration (NNSA) is to take their orders from contractors and provide little or no oversight. As the previous head of contractor-operated laboratory, Lawrence Berkeley National Laboratory, Secretary Chu made clear his disdain for federal oversight, DOE insiders told the Project ON Government Oversight (POGO). In fact, he’s been successful in creating a culture of federal hands off the contractors in the weapons complex.
Now, maybe it’s the case that it’s just too hard to protect these sites from 82 year old nuns and jet skiers wearing bright yellow life-jackets. Maybe it’s the case that there’s no such thing as perfect security (though you wouldn’t know it from the security theater that we all have to pass through to board a plane).
But it sure seems like private contractors are proving inadequate to the task of securing some of our most obvious security targets.
Off topic. Drums of war are very loud again in Israel. Regarding the NIE estimate story, now Haaretz is saying that the new information from an “unnamed senior Israeli official” about Iran’s nuclear program was a “last-minute update”. Is that a new detail?
Reuters does report that the Obama admin has not changed its stance and no mention of a “last-minute update” from them.
Simple solution: yes, let the contractors do what they wish, but escrow their payments for 12 months, with any breach of security automatically causing them to lose what’s in escrow. In other words: be true capitalists and let the money drive the behavior in the direction we want.
edit: oops. I picked up the wrong pipe again.
The solution is simple, Marcy: outsource security to the nuns.
A “___ days since last security breach” sign.
Theater is the point it seems. It’s just for-profit theater now. It was once a giant jobs program– back when we had one big enemy and a middle class :-)
@Peterr: :))))))))))))) Thanks
i’d add-in the security consequences of the brain drain, with older employees “bought out” and institutional knowledge walking out the door with them, replaced by lower paid, often less educated workers.
see: last week’s refinery fire in Richmond. the published reports have workers finding a leak in a pipe then removing the insulation from it igniting the vapors, a completely bonehead move that could’ve killed everyone in the vicinity.
that the workers sent in to evaluate the leak seemingly didn’t have the most rudimentary grasp that insulation is on a pipe for a reason, and by removing it leaking vapors + hot room = boom, is really scary.
see also the 2010 PG&E pipeline explosion, where the company had to track down retired employees to even begin to figure out where to look for maintenance records.
@rosalind: Eesh. I hadn’t followed up on that. Used to be an OSHA regulation that required training and documentation that would prevent problems like that (it arose out of Bhopal and another Union Carbdie explosion shortly thereafter in WV). It’s still on the books, I think, but since OSHA doesn’t fine seriously anymore it might as well not be there. (And even in the heyday of the reg, Chevron liked to pay lip service to the reg, figuring the fines wouldn’t cost less than compliance.)
@emptywheel: i still remain horrified that PG&E inspection crews were awarded bonuses based on how FEW leaks they reported.
I would like to praise all of you for showing restraint, when Paul Ryan claimed that Cheese flows through his veins, and not bombarding him with snark, on his first weekend as Rmoney’s “Friar Took” … oopsies !
@emptywheel: There’s a reason why some of the best process engineers and failure modes & effects analysts went to Japan. (Mind you, one needn’t be a fan of Barry Eisler to appreciate that Japan is second to none in certain forms of systemic corruption.) But outside of the nuke industry, at least, people listened to them.
@rosalind:
Last report I saw was that they were looking at internal corrosion and oil leaking into the insulation. (They’d have to take the insulation off to fix the leak, anyway. But they should have closed the valves on that section first.)
@rosalind:
They reaction where I work ranged from ‘They did what?’ to OMGWTFBBQ! (If there was anything they didn’t do wrong, I don’t know what it was….)
Apply the inadequate security theme in this story with the Trapwire story and you get true horror. Trapwire has all the data on every American and by its nature as an enormous network, it cannot be fully secured. The Chinese are probably already in there suborning half of congress…
It seems that every single agency head obama appoints sees their job as hampering and hindering the job of the agency they run. I thought Steven Chu had a few working brain cells, but he seems to be just more of the same arrogant, not-as-smart-as-he-thinks anti-government doctrinaire. It used to be republicans that appointed wimps to anti-run our government agencies. Obama has taken another republican tactic and made it his own. Chu, Geithner and Holder are the pro-corporate fascist three mouseketeers. These icky little elves need to be arrested on charges of treason as traitors to the nation.