EDWARD J. MCCALLUM
HOUSE COMMITTEE ON GOVERNMENT REFORM
SECURITY LAPSES AT
DEPARTMENT OF ENERGY FACILITIES
THURSDAY, JUNE 24, 1999
TESTIMONY OF EDWARD J. MCCALLUM
Mr. Chairman, thank you for the opportunity to speak with the
committee today about the Department of Energy=s (DOE) Safeguards and Security Program, and the Department=s long history of
suppression and reprisal against individuals attempting to do their jobs. DOE=s arrogant disregard for
national security is clearly described in the June 1999, Report on Security at the
Department of Energy by the President=s Foreign Intelligence Advisory Board (PFIAB), and Congressman Cox=s committee report on
espionage at our national laboratories. It is clear today that DOE has sacrificed nuclear
security for other budget priorities and has jeopardized national security by failing to
protect its Laboratories against widespread espionage or against terrorist attack.
Over the past nine years, I have served as the Director of DOE=s Office of Safeguards
and Security. In this capacity, I have been responsible for the policy that governs the
protection of the DOE=s national security assets, including nuclear weapons, nuclear
materials, highly classified information and personnel clearances for these assets. My
office is also charged with investigating security incidents involving the loss of nuclear
materials and the unauthorized disclosure of classified information.
As you know the Department of Energy placed me on Administrative Leave
on April 19, 1999. DOE officials allege that I committed a security infraction. They claim
that I disclosed classified information during a conversation with a whistleblower. This
is not true based on the Department=s own classification procedures and guidelines (CG-SS-3, Chap 10,
Dispersal of Radioactive Material), these allegations are completely unfounded. I have
been an authorized classifier in the DOE and its predecessor organizations for over 25
years and helped develop the first classification guide in this area in 1976. I am also
the Department=s subject matter expert in this area, yet the DOE did not consult
my staff or me before taking this action. Further, DOE failed to follow its own procedures
in investigating these issues before placing me on Administrative Leave, and has failed to
respond to my classification challenge since. I believe this action to be an obvious act
of retaliation against the individual and the office that has tried to bring an
increasingly distressing message of failed security at the DOE Laboratories forward since
1995. In addition, my situation at DOE remains unresolved with the threat of a more
serious actions as a realistic possibility.
Prior to joining the Office of Safeguards and Security I held several
high level positions within the Department=s safeguards and security program areas. From 1988-1989 I served as
Director, Office of Security Evaluations. In 1978 I joined the DOE at the Chicago
Operations Office and in 1979 became the Director of the Safeguards and Security Division.
Prior to joining DOE, I served as an officer in the U.S. Army. Active military service
included a number of Military Intelligence and Special Forces assignments in Europe and
Southeast Asia. I culminated my military duty as a reserve officer after over thirty years
of active and reserve service.
As the Director, Office of Safeguards and Security, my team has
provided senior DOE management with sound, professional judgement regarding security of
most critical strategic nuclear assets. We have provided specific action plans to correct
shortcomings, even though much of what we have recommended has not been considered
politically correct, since the Cold War is now over. The steady decline in resources
available to the DOE safeguards and security program as well as a lack of priority has
allowed the Department=s security posture to deteriorate to a point where it is not
effective. I refer in my written testimony to a number of unclassified reports from the
Office of Safeguards and Security, issued between 1994 and 1999, which document the
reduction in the Department=s security readiness. These reports are supported by hundreds of
classified reports which provide detailed analysis.
The information presented in the testimony I submit today is not new.
The message has been repeated consistently over the last decade, in such reports prepared
by my office as the Annual Reports to the Secretary in 1995, 1996 and 1997. In fact, these
reports were frequently referenced and footnoted in the PFIAB Report. External reviews
such as the Report to the Secretary, by General James Freeze, or the Nuclear Command and
Control Staff Report on Oversight in the DOE in 1998, cite similar concerns. There have
also been a large number of General Accounting Office Reports addressing these and other
areas. We have frequently reorganized, restructured and studied these issues, however, the
department has not chosen to resolve these serious and longstanding problems.
I would like to cover a few specifics to introduce the committee to the
severity of the issues. Technical expertise and continuous external oversight will be
required to assure their correction. Reorganization and reshuffling will not suffice.
One of the primary interests expressed in recent months, and
indeed widely covered by the media recently, is the loss of classified information from
the computer systems at the National Laboratories. Indeed, I believe we are sitting at the
center of the worst spy scandal in our Nation=s history.
The DOE Computer Security Program suffers from a variety of problems.
Of primary concern is the lack of protection for unclassified sensitive information and
the ease with which it can be transferred from classified systems. Until last month little
guidance had been issued on how to protect sensitive but unclassified information.
Further, system administrators are charged with the responsibility for designing their own
protective measures. Unfortunately, many of them do not have the computer security
knowledge required to implement a sound computer security program. Attempts to issue
comprehensive guidance by my office and the Chief Information Officer as early as 1995 met
with significant Laboratory resistance and failed. Several Laboratories and their Program
Assistant Secretaries in Washington believed that providing protection, such as firewalls
and passwords, was unnecessarily expensive and a hindrance to science. Implementation of
the proposed Computer Security Regulations in 1996 would have prevented many of the losses
being reported today.
A variety of computer security tools and techniques, such as encryption
devices, firewalls, and disconnect features, are required by policy; however, these
policies were frequently ignored. Something as simple as using different size floppy discs
between classified and unclassified systems was refused as unnecessary.
Last year, despite the most severe and candid briefings to the
Secretary on compromises of nuclear weapons data at our National Laboratories, we were
still unable to move essential policy changes forward. It was not until Congressman Cox=s report began to take
shape that DOE began to react.
While much attention of late has been directed toward foreign
visitors, espionage and the protection of classified information, equally serious cause
for concern exists in other areas as well. For instance, since 1992, the number of
protective forces at DOE sites nationwide has decreased by almost 40% (from 5,640 to the
current number of approximately 3,500). In 1996, the numbers were far worse, but
continuous pressure from my office resulted in an increase of several hundred Security
Police Officers over that low. In the same timeframe the inventory of nuclear material has
increased by more than 30%. The number of Security Police Officers has declined to the
point where it is questionable at some facilities whether the DOE Security Force could
defeat an adversary. By 1996 several facilities were no longer capable of recapturing a
nuclear asset or facility if it were lost to an adversary. Indeed, a number of sites
stopped training for this mission because resources were reduced below the minimum level
necessary to expect success. We have had some success in increasing security force numbers
in recent years and at this time all sites claim they can satisfy the requirement to
maintain control over these facilities. Yet, several of these sites are using unrealistic
performance tests to verify that their Protective Force can recognize, contain and
neutralize the adversary. For instance, artificial "safety constraints" are
imposed on exercise adversary teams that effectively neutralize their ability to operate.
A review by a DOD Special Operations team at one of our sites last year reported that
needlessly restrictive exercise rules for the intruders resulted in a false site win and a
false sense of security.
There have been several other consequences of reduction in the number
of Security Force Officers. First, DOE sites are relying increasingly on local law
enforcement agencies to handle serious security threats. While their dedication and intent
are clear, their training and ability to respond in a timely manner in a nuclear terrorist
situation is questionable. Second, sites have difficulty increasing the operations tempo
of security during high threat periods. Finally, an average annual overtime rate in our
nuclear weapons facilities of approximately 25% has had detrimental affects on safety,
training, and response capabilities.
A centrally funded and well-integrated National-level security
exercise program is critical to meet the safeguards and protection needs of DOE and the
nation. Exercises that address site response and management of security crisis are
required by regulation to be held annually at critical DOE facilities. However,
participation by State and local law enforcement, regional offices of the Federal Bureau
of Investigation (FBI) and other Federal agencies is inconsistent and varies considerably.
Under Presidential Decision Directive 39, U.S. Policy on Counterterrorism, and Decision
Directive 62, Protection Against Unconventional Threats to the Homeland and Americans
Overseas, the Secretary of Energy is directed to conduct exercises to ensure the safety
and security of its nuclear facilities from terrorism. With the cooperation and support of
the FBI, several regional exercises were conducted at DOE sites in the last year. However,
funding and commitment are far short of the required goals. My staff has estimated that we
are meeting only about 25% of our site requirements. Importantly, the majority of the
funding for exercises resides at the site level where expenditures must vie with other
immediate program needs each fiscal year, usually to their detriment.
PHYSICAL SECURITY SYSTEMS
Another area of concern involves aging and deteriorating
security systems throughout the DOE complex. Physical security systems such as sensors,
alarms, access control and video systems are critical to ensure the adequate protection of
Special Nuclear Material (SNM) and classified material and weapons parts. Many facilities
have systems ranging in age from 14 to 21 years, and are based on technology developed in
the mid-70's. Because of the obsolescence of these systems they fail too frequently and
replacement parts and services are increasingly expensive and hard to obtain. Expensive
compensatory measures (i.e., security force response) are required as a stopgap measure to
assure adequate protection. Older systems are also vulnerable to defeat by advanced
technologies that are now readily available to potential adversaries. Continual
reductions, delays or cancellations in line item construction funding increase the risk to
sites security. Also, DOE is not realizing significant savings available through
advancements in technology that have increased detection, assessment, and delay
I fear that a recent decision by the Department to have HQ
Program Offices fund the cost of clearances for field contractor personnel will have
severe repercussions. Since implementing this new approach at the beginning of FY 1999, we
have already seen a dramatic increase in the backlog of background investigations. As with
other security areas, program offices must decide between competing interests when
determining those areas to be funded. Unfortunately, security activities are relegated to
a lower tier in terms of importance by most program Assistant Secretaries and field sites.
This appears to be the case with the funding of security background investigations. As the
first line of defense against the "insider" threat, adequate funding and timely
conduct of reinvestigations is critical to ensuring that DOE maintains a security posture
commensurate with the level of threat and that only reliable and trustworthy individuals
are given access to critical national security assets.
Presidential Decision Directive-39, The United States Policy on
Counterterrorism, requires all governmental agencies to implement security measures to
defend against weapons of mass destruction, including chemical and biological weapons. The
Office of Safeguards and Security has developed the necessary policies and requirements
for implementing PDD-39. Labs and production plants, however, have been slow to purchase
and install explosive detection systems, with only a limited number of sites having done
so. HQ program Assistant Secretaries claim that there is no funding for such equipment. I
find it hard to believe we can find money to provide explosive detection at airports
nationwide but not at our most sensitive nuclear facilities.
A PATH FORWARD
Operating beneath the surface of these major challenges are some
fundamental issues that, if properly addressed, could provide the impetus to effect real
progress. These challenges are not new, nor are their solutions.
SAFEGUARDS AND SECURITY PROGRAM FUNDING
This is the central and root-cause issue for failed security in
the DOE. As previously stated, when HQ program Assistant Secretaries face funding
shortfalls, there is a tendency to cut security programs in equal or greater proportion
than other program elements. In recent years, these cuts have been routinely made without
the benefit of assessing the impact these cuts have on the security of the site or assets
in question. The implementation of virtually every security program, from the Information
Security Program to the Protective Forces, has suffered significantly. Many of these cuts
are shortsighted and ill advised, and as we have seen they have led to serious security
lapses. Nevertheless, my office had no authority to ensure HQ program Assistant
Secretaries implementation of departmental security policies and requirements. Similarly,
my office has few resources to provide program offices or field elements to help pay for
appropriate security measures. The new Security Czar does not have a budget for
implementation. Safeguards and Security budgets for DOE should be provided through one or
more line items to the Security Czar, not the program Assistant Secretary. Without an
adequate budget there is simply no authority.
It should be apparent that attempts to implement internal
oversight of the DOE safeguards and security program have failed over the last decade.
While there have been high points and periods when oversight has been effective,
organizational and budget pressures have played too central a theme for this function to
remain within DOE. An organization like the Commission on Safeguards, Security and
Counterintelligence for Department of Energy Facilities proposed by the Senate in Section
3152 of the National Defense Authorization Act for Fiscal Year 2000 should be established
to independently review Security at DOE and the Laboratories. This would fulfill
longstanding recommendations of both GAO and the Congress. Further a direct information
mechanism should be established to one or more of the Congressional Committees.
In all of the reviews of the safeguards and security program
conducted during the last decade, there is a recurring theme. Namely, the organizational
structure of the Department=s Safeguards and Security Program does not align programmatic
authority and responsibility and is too open to manipulation by the contractors. The
Safeguards and Security Program in its current structure has one organization developing
policy, training and providing technical field assistance (OSS), another organization
providing funding and "implementing guidance" (Headquarters Program Offices), a
third tier of organizations (Field Sites) is responsible for implementation of policy,
while a fourth (EH) is responsible for oversight. A fundamental change in both the
organizational structure and funding of the Safeguards and Security Program is absolutely
necessary before the Department can begin to systematically address the major challenges
previously addressed. These organizations must be consolidated with policy, guidance and
implementation in one location, and with an appropriate budget to participate in
Department decision making.
Secretary Richardson recently announced the selection of a new
"Security Czar" for the Department. Based on the Secretary=s pronouncements many of
these concerns could be answered. However, the Secretary=s statements and the
actual actions occurring within the DOE seem startlingly different. A disturbing document
entitled, "Safeguards and Security Roles and Responsibilities@ has been circulated by
the Undersecretary and Roger Hagengruber of Sandia National Laboratory that would give the
Security Czar less authority than I had in DOE. Specifically, in the proposed security
structure, critical approvals would be delegated from Headquarters to the very
Laboratories that have allowed critical losses. Important security plans as well as
exceptions to national and departmental regulations would be delegated to the field. And
finally, oversight inspections would be conducted "for cause" only, based on
initial reviews and self-inspections by the Labs themselves.
Ladies and gentlemen, this devolution of the few authorities reserved
to the DOE is in direct conflict with the serious negligence identified in both
Congressman Cox=s Report and that of the PFIAB. It is the organizational equivalent
of sending the fox in to count the hens. The head of such an eviscerated organization
could hardly be called a Czar. This proposal-developed by the Labs at a cost of almost 2
million dollars - is a perfect example of the organizational and policy
interference by the Labs that is also documented in the PFIAB report.
I would be less than forthcoming if I failed to mention the
most positive aspect of the Department=s safeguards and security program. The program is staffed by hard
working dedicated men and women throughout the country, both Federal and contractor, who
are firmly committed to protecting the critical national security assets entrusted to
their care. The responsibilities of these individuals are most demanding and frequently
dangerous in many respects. Yet despite the dwindling resources available to them, these
individuals continue to perform in an outstanding fashion. Where this Department has
failed is in providing these professionals the necessary resources and training to allow
them to perform their responsibilities safely and appropriately. The Department has also
failed to provide protection so that individuals will bring forward problems and
deficiencies without fear of retaliation.
It is due to the professionalism and diligence of the DOE security
workforce that progress has been made in some of the areas I previously addressed.
However, the DOE field is strewn with the careers and reputations of security officers who
have dared question the system or raise concerns for the security of our sites or the
health and safety of the public. One site has had 5 Security Directors in a little over 2
years. The last, David Reidenour resigned in disgust after only 90 days, stating that he
had never before been in a position where his duty to protect the health and safety of the
public placed him in direct conflict with loyalty to his supervision. Men like Rich
Levernier, Gary Morgan and David Reidenour are joined by contractor Security Directors
like Bernie Muerrens and Link White who tried to do the "right thing" for the
country and were rewarded by replacement or reprisal.
Numerous Security Police Officers responded to former Secretary O=Leary=s call in 1994 to come
forward without fear of reprisal only to suffer harassment. After the press conference was
over and the cameras and microphones were turned off, they suffered reprisal as thanks for
their efforts. Men like John Hnatio, Jeff Hodges, Jeff Peters and Mark Graff have all had
their careers ruined for coming forward and addressing serious lapses in DOE security
practices. This year, one of our best and longest serving Security Directors suddenly
retired after attempting to take action against an employee who willfully violated
security procedures and admitted a Russian visitor, under escort, to a security area at
the Savannah River site. The DOE escort allowed the Russian to carry an uncleared laptop
computer into the area, after being warned by the Security Office not to do so.
The Department=s history of harassment and reprisal sends a very clear warning
that this government does not want to attract or keep its best and brightest.
Despite current legislation, gaps exist in current employee protection
specifically where security clearances or classified information may be part of the issue.
Under some circumstances current organizations do not review claims of inappropriate or
prohibited employment practices where these elements are present. Willful negligence has
flourished in DOE and will continue to do so as long as officials can hide capricious and
sometimes malicious acts behind the mantra of National Security. While I place no value
higher than duty to my country, some forum must be identified or clearly chartered to
assure everyone has a fair and impartial hearing and all have the same right to "due
process" which we expect as citizens and is provided for provided by our
Mr. Chairman, career civil servants are charged foremost with assuring
the public health and safety, and the protection of our environment. However, if civil
service is solely based on a personal whim, then the public will be protected and served
only as long as it is politically expedient to do so.