Inside the Ring

By Bill Gertz INSIDE THE RING (Contact) | Thursday, January 8, 2009

Article
Comments ()

Classified spillage

The Navy is facing a growing problem of classified electronic information being placed on unclassified laptop and other computers, what the service calls "electronic spillage" and is overpaying a defense contractor to fix the machines.

According to a Navy report obtained by Inside the Ring, the service is paying some $5 million annually to the technology company EDS to clean up the electronic spills - almost 10 times the cost of simply destroying the affected machines and replacing them with new ones.

The Navy report from October disclosed that in fiscal 2008 there were 52 incidents of classified data being placed on unclassified electronic systems, about half of them Pacific Fleet and Naval Education and Training Command systems, and a total of 37 were on the Navy Marine Corps Intranet, the massive unclassified computer network used for command and control on more than 350,000 military computers.

The NMCI, as it is known, consolidated a number of different computer networks but has not worked well. A General Accountability Office report from 2006 stated that "NMCI has not met its two strategic goals - to provide information superiority and to foster innovation via interoperability and shared services."

The Navy defines spillage as placing classified data on a lower-order classified computer. It is regarded as a compromise of classified data requiring elaborate reporting and corrective action.

The report stated that the Navy is averaging 36 electronic compromises a month, and that the number of incidents is "rising."

One example from the report was an October incident when a Navy official scanned a classified document onto an unclassified network and improperly e-mailed it to others. Earlier compromises included a September incident involving the transfer of classified data from a secret network to an unclassified network with a removable flash drive; and several transfers of classified documents and information to unclassified networks and computers. A "key boarding" incident occurred in July when a Navy computer user included classified information on a document created on an unclassified network.

The contractor who built the intranet and repairs compromised NMCI computers is the Texas-based technology services company EDS, which according to a defense official charges the Navy $11,800 to fix each electronic spillage. At that price per incident, the Navy is paying EDS an average of about $5 million a year to electronically "clean" some 432 "compromised computers."

"Replacing a hard drive or the entire laptop would be significantly cheaper," said the official, who noted that "432 new Dell laptops would cost no more than $600 to 650,000." The official spoke on the condition of anonymity because of the sensitivity of the issue.