Absent security

Back in 1985, the General Accounting Office took a survey of 25 computer systems in 17 federal agencies. Inspectors found all of the systems vulnerable to waste and fraud because of lax security, with government workers often a source of the trouble.

A lot has changed since then. Not with federal computer security, which is still horrendous, but with the type of computer attacks to which the government is vulnerable. The government workers were mere amateurs compared with the worldwide threat from viruses. As a commentary by John T. Correll describes on today’s op-ed page, the threat requires a better coordinated response than it has received.

The GAO has been warning the government about lax computer security even before its ’85 survey, but since then it has found numerous examples of some truly disturbing opportunities for breaches. Not long ago, the Federal Aviation Administration (FAA), according to the GAO, was found to be “ineffective in all critical areas included in GAO’s computer security review — facilities physical security, operational systems information security, future systems modernization. …” Defense had “pervasive weaknesses.” The State Department, similarly, was “vulnerable to access, change, disclosure, disruption or even denial of service by unauthorized individuals.”

In 1998, President Clinton placed the FBI in charge of protecting the nation’s computer systems, but according to at least one report, the culture difference between the tight-lipped bureau and the free-wheeling high-tech industry has made working together difficult. Last fall, Jack L. Brock Jr., the director of the GAO’s government information unit, told Congress not only didn’t agencies have the best protection for their computers, it wasn’t clear to him how they might get it. The deadline for bringing computers up to speed is 2003.

Mr. Correll sums up the problem neatly: “It has been four years since Sen. Sam Nunn speculated about an `electronic Pearl Harbor,” he writes. “The phrase is repeated often, but we have not made much progress. A new kind of warfare is coming, and we are not prepared to meet it.”