THE VIRGINIAN-PILOT
Copyright (c) 1996, Landmark Communications, Inc.
DATE: Saturday, September 14, 1996 TAG: 9609140216
SECTION: FRONT PAGE: A5 EDITION: FINAL
SOURCE: BY DALE EISMAN, STAFF WRITER
DATELINE: WASHINGTON LENGTH: 49 lines
An innocent mistake, rather than political espionage, was responsible for a breach in computer security last spring in the office of U.S. Rep. Owen B. Pickett, an official investigation concluded this week.
But a final report by the House Inspector General warns that the electronic mail files of Pickett, a Virginia Beach Democrat, and other members of the House are vulnerable to intrusions by at least some employees of the House's information resources office.
The House, the report complained, has ``no formal . . . policy to prohibit unauthorized access, viewing and modification of e-mail messages'' by those employees and no mechanism ``to hold individual employees accountable'' for any tampering with the files.
The report said at least some of the information systems workers could access a lawmaker's e-mail files without leaving an ``audit trail,'' an electronic record of their visit. Such trails are an important tool for investigators of hacking incidents.
Morris Rowe, Pickett's press secretary, discovered April 25 that more than 100 e-mail messages which Pickett's staff had deleted from the congressman's files months earlier had been reinserted in the mail system. He reported the problem, the report said, only to have the messages abruptly disappear again.
Though an information resources employee later tried to explain the situation by telling Rowe that ``the other side was messing with the e-mail,'' the inspector general said that reference was to employees across a hallway in the information office rather than to Republicans.
A preliminary inquiry by the FBI, which Pickett also asked to look into the matter, also found no evidence of any political motivation.
Instead, the investigators said, the deleted files were routed back to Pickett because of a mistake by an employee who was doing troubleshooting on the computer system. Then they were deleted a second time when the computer recognized them as outdated.
Pickett issued a statement saying he accepts the report's conclusions but wants ``immediate remedial steps. . . to correct the deficiencies and ensure the security and confidentiality'' of House e-mail and other computer files.
``Until these deficiencies are corrected, computer files, which are supposed to be confidential and secure, will continue to be violated with impunity by insiders who should in fact be identified and severely sanctioned,'' Pickett said.
The problem was not the first spotlighted by the inspector general. In a report issued last year, investigators said they found ``a high risk of unauthorized access, modification and destruction of data residing on member, committee and other House office computer systems.'' by CNB