Unisys refutes security cover-up allegations over Homeland Security hack

Unisys refutes security cover-up allegations over Homeland Security hack

The FBI is investigating allegations that Unisys failed to detect hack attacks on computers at the US Department of Homeland Security and then tried to cover up the lax oversight, according to a report by The Washington Post.

Unisys won a $1 billion contract in 2002 to build and manage IT networks at the department and the Transportation Security Administration. In 2005, the company was awarded a $750 million follow-on contract.

Part of the contract called for Unisys to install network-intrusion detection devices on computer systems for the TSA and DHS headquarters and monitor the networks.

But, according to the Washington Post report, evidence gathered by the US Homeland Security Committee indicates that network-intrusion devices were not properly installed and monitored at the offices.

Unisys's alleged failure meant that DHS was not aware for at least three months of hack attacks that began in June 2006, says the report, which cites Bennie Thompson, chairman of the House Homeland Security Committee.

Thompson told reporters that during October 2006 around 150 computers - including one that handles contract data - were compromised by hackers, who sent an unknown quantity of data to a Chinese-language Web site that appeared to host hacking tools.

To cover up the botch-up, Unisys allegedly falsely certified that the network had been protected, says the report.

It is not clear how the hackers breached the DHS systems, but once inside they cracked an account password for a network administrator who had access to thousands of computers on the DHS network. The attackers then installed malicious software on dozens of computers that not only hid the hacking but also copied and transferred files to an external Web site, says the report.

In July 2006 a Unisys employee detected a possible intrusion but "downplayed it" and the matter was igbnored by DHS security managers. It was not until September that two DHS systems managers noticed that their machines had been compromised.

Unisys began a probe and determined that the break-in affected more computers.

In a statement released after the publication of the Washington Post article, Unisys says it "vigorously disputes the allegations made".

"We can state generally that the allegation that Unisys did not properly install essential security systems is incorrect. In addition, we routinely follow prescribed security protocols and have properly reported incidents to the customer in accordance with those protocols," says the statement.

Unisys says it has provided DHS with government-certified and accredited security programs and systems, which were in place throughout the period in question in 2006 and remain so today.

"We believe that a proper investigation of this matter will conclude that Unisys acted in good faith to meet the customer's security requirements," says the vendor.

An aide on the Homeland Security Committee told the newspaper that the FBI was investigating Unisys for criminal fraud. The committee also has called for the DHS to look into the matter.

Comments: (0)