Two Republican Senate staffers accessed and leaked information from thousands of Democratic files over an 18-month period, an
investigation by the U.S. Senate Sergeant at Arms has concluded.
The report, released Thursday, describes the forensics investigation in detail. It found that a Republican clerk for Sen. Orrin Hatch, R-Utah, accessed at least 4,670 files in the home directories of Democratic members of the Judiciary Committee. A senior Republican aide to the Judiciary Committee helped the clerk to target files that might help the Republicans win
their judicial nominations, the report stated.
Get Up to Speed on... Enterprise security Get the latest headlines and company-specific news in our expanded GUTS section.
The administrative investigation fell short, however, of proving that the two Republican staffers had given 18 of the documents to a third party with instructions to leak them to the press.
"This investigation depended entirely on the voluntary cooperation of those who were asked to be interviewed," the report stated. "While investigators followed leads and interviewed many individuals as a result of learning their names during interviews, it remains possible that there are other current or former members of the Senate community who have knowledge of the open nature of the Judiciary Committee computer system who have not come forward or been identified."
The probe began after memos authored by Democratic members of
the Judiciary Committee were leaked to several newspapers and published
in early November 2003. The documents, which indicated that Democrats
consulted with free-speech advocates and other lobbying groups on
judicial strategy, were said by conservatives to show that the
Democratic Party followed the agenda of special interests.
"The memos repeatedly make clear that a small collection of extreme-left
groups--abortion groups, race organizations and leftist groups
specifically focused on judges--are driving the Democrats' agenda and
vision," stated a November editorial by the Coalition for a Fair
Judiciary, a pro-Republican lobbying group. The group--whose Web site
is hosted by Campaign Solutions, a self-described "Republican voter
contact and communications firm"--posted all 18 memos to the Web in
November 2003.
Investigation begins
On Nov. 15, the chief counsel for Sen. Ted Kennedy, D-Mass.,
reported to the Senate Office of the Sergeant at Arms that the
publication of the memos might have been the result of a security problem with
the Judiciary Committee's Computer system. The Office of the Senate
Sergeant at Arms, four members of the Secret Service and an outside
contractor began an investigation. This is the first time that the
Senate's security office has conducted such a probe.
After more than 160 interviews and forensics analysis of back-up tapes and several computer systems, the investigators concluded that many accounts on the Judicial Committee's server had been improperly set up by a novice system administrator. The committee had only one server for both parties, and some home directories for both Republican and Democrat staff members had been generally accessible, the report stated. A later system administrator was more knowledgeable and created directories with the proper permissions, but did not catch the error of his predecessor.
"One system administrator had very strict account policies in place, and the other did not," stated the report, adding that the security
knowledge of the Senate's administrators varies widely. "There is no
minimum level of proficiency required to obtain a system administrator
position, and there was a considerable variance in the proficiency
levels of the committee's different system administrators."
Between November 2001 and April 2003, a Republican clerk for the
Judicial Committee discovered how to access home directories that had
their permissions incorrectly set, the report stated. Despite an initial
reprimand from two senior staff members for the unauthorized access, the
clerk continued to access the documents when he found that another
senior aide was interested in the information, the report concluded.
Investigators found more than 4,670 files from Democratic committee
members and their staff in an encrypted file on the clerk's computer.
The report concluded that the case could be prosecuted as a crime under
several laws, including the Computer Fraud and Abuse Act of 1986, and for
false statements made to investigators.
The Democrats called for immediate actions on the findings.
"There is much in this report that is new, incriminating and revealing
about the stealing of these computer files," Sen. Patrick Leahy,
D-Vt., said in a statement. "The evidence unequivocally confirms that
some Republican staff conspired to spy on and steal from their
Democratic colleagues. This report indisputably shows that this secret
surveillance was calculated, systematic and sweeping in its scope."
The publication of the investigators' report had its own security slip-up
on Thursday, when an administrative error resulted in an unredacted
version of the report being sent to the press.
According to the Wall Street Journal opinion page (the Journal was the paper that broke the original "Memogate" story in November 2003 [1]), the extent of the "hacking" in this case was limited to browsing the Windows Network Neighborhood and finding files that were open to _anyone_ on the Senate Judiciary Committee network [2].
The resulting investigatory report stated that "There is no minimum level of proficiency required to obtain a system administrator position...". Political cronyism? Likely. Technological buffoonery? Most certainly. Watergate II? Not exactly.
Web giant is spending $120 million to beef up its Mountain View, Calif., headquarters, according to filings with the city reviewed by the San Jose Mercury News.
Tor's "obfsproxy" technology would make encrypted data look innocuous and let it dodge government censors. That could help citizens in Iran reach blocked sites as antigovernment protests reportedly loom.
MIT creates a simulation to celebrate the 50th anniversary of Spacewar. A relic of the early days of minicomputers, it was one of the first computer video games and set the stage for many others, including Asteroids.
George Lucas has just released his version of "Star Wars" in 3D, but c'mon--the guy believes Greedo shot first. Why not make your own Star Wars world? In the first installment of a Crave series, a crack team of crafters fight the power and turn paper bags into the Rebel Alliance's Admiral Ackbar. It's a sack!
The resulting investigatory report stated that "There is no minimum level of proficiency required to obtain a system administrator position...". Political cronyism? Likely. Technological buffoonery? Most certainly. Watergate II? Not exactly.
1. <a class="jive-link-external" href="http://www.opinionjournal.com/editorial/feature.html?id=110004305" target="_newWindow">http://www.opinionjournal.com/editorial/feature.html?id=110004305</a>
2. <a class="jive-link-external" href="http://www.opinionjournal.com/extra/?id=110004779" target="_newWindow">http://www.opinionjournal.com/extra/?id=110004779</a>