) -- Hackers compromised dozens of Department of Homeland Security computers, moving sensitive information to Chinese-language Web sites, congressional investigators said Monday.
Investigators pointed a finger at a government contractor, saying the firm hired to protect DHS computers tried to hide the incidents from the department.
The FBI is investigating the incidents, a congressional staffer said, and two members of Congress have asked the department's inspector general to also launch an investigation.
"The results of our [committee] investigation suggest that the department is the victim not only of cyber attacks initiated by foreign entities, but of incompetent and possibly illegal activity by the contractor charged with maintaining security on its networks," Democratic Reps. Bennie Thompson of Mississippi and James Langevin of Rhode Island said in a written statement.
The lawmakers said committee investigators found dozens of DHS computers were compromised and the incidents "were not noticed until months after the initial attacks."
The extent of the damage is unclear, but a House Homeland Security Committee staff member said the hackers "took significant amounts of information."
"We know where it [the information] was taken from, but we don't know what was taken. We only know how many megabytes was taken," the staff member said. "Everything was on the LAN A, which was an unclassified network. To the best of our knowledge there was no classified information [taken]."
The Web site where the information was moved was described only as a "Web hosting service that connects to Chinese Web sites." The committee declined to say whether they were Chinese government sites.
In their letter requesting an investigation, Thompson and Langevin said that "contractors provided inaccurate and misleading information to Department of Homeland Security officials about the source of these attacks and attempted to hide security gaps in their capabilities."
The letter does not name the contractor, but a committee staffer identified it as Unisys Corp., which has a $1 billion contract to safeguard DHS computers.
In a written statement, Unisys disputed the allegations, which were made public Monday in a Washington Post article.
According to the House Homeland Security Committee, Unisys was charged with installing intrusion detection systems, but the systems were not fully deployed at the time of the initial incidents.
If they had been, "the initial intrusions may have been detected and prevented," Thompson and Langevin said.
"Unisys vigorously disputes the allegations made in today's article," the company said in a statement issued Monday, referring to the Washington Post story. "Facts and documentation contradict the claims described in the article, but federal security regulations preclude public comment on specific incidents."
"We can state generally that the allegation that Unisys did not properly install essential security systems is incorrect. In addition, we routinely follow prescribed security protocols and have properly reported incidents to the customer in accordance with those protocols."
Department of Homeland Security spokesman Russ Knocke declined to comment on allegations Unisys covered up evidence of hacking.
"We take cyber security very seriously and there have been major improvements since the administration's cyber security strategy announced in 2003," he said.
Knocke said DHS has responded to "malicious cyber activity directed at the U.S. government over the past few years," and such activity is "growing more sophisticated and frequent."
The government is "re-competing" the Unisys contract and other contracts "to integrate it into a single contract that maximizes the tax payer's dollar."
And although Unisys can still compete for the contract, previous performance will be weighed, said Knocke.
Investigators: Homeland Security computers hacked - CNN.com
Investigators pointed a finger at a government contractor, saying the firm hired to protect DHS computers tried to hide the incidents from the department.
The FBI is investigating the incidents, a congressional staffer said, and two members of Congress have asked the department's inspector general to also launch an investigation.
"The results of our [committee] investigation suggest that the department is the victim not only of cyber attacks initiated by foreign entities, but of incompetent and possibly illegal activity by the contractor charged with maintaining security on its networks," Democratic Reps. Bennie Thompson of Mississippi and James Langevin of Rhode Island said in a written statement.
The lawmakers said committee investigators found dozens of DHS computers were compromised and the incidents "were not noticed until months after the initial attacks."
The extent of the damage is unclear, but a House Homeland Security Committee staff member said the hackers "took significant amounts of information."
"We know where it [the information] was taken from, but we don't know what was taken. We only know how many megabytes was taken," the staff member said. "Everything was on the LAN A, which was an unclassified network. To the best of our knowledge there was no classified information [taken]."
The Web site where the information was moved was described only as a "Web hosting service that connects to Chinese Web sites." The committee declined to say whether they were Chinese government sites.
In their letter requesting an investigation, Thompson and Langevin said that "contractors provided inaccurate and misleading information to Department of Homeland Security officials about the source of these attacks and attempted to hide security gaps in their capabilities."
The letter does not name the contractor, but a committee staffer identified it as Unisys Corp., which has a $1 billion contract to safeguard DHS computers.
In a written statement, Unisys disputed the allegations, which were made public Monday in a Washington Post article.
According to the House Homeland Security Committee, Unisys was charged with installing intrusion detection systems, but the systems were not fully deployed at the time of the initial incidents.
If they had been, "the initial intrusions may have been detected and prevented," Thompson and Langevin said.
"Unisys vigorously disputes the allegations made in today's article," the company said in a statement issued Monday, referring to the Washington Post story. "Facts and documentation contradict the claims described in the article, but federal security regulations preclude public comment on specific incidents."
"We can state generally that the allegation that Unisys did not properly install essential security systems is incorrect. In addition, we routinely follow prescribed security protocols and have properly reported incidents to the customer in accordance with those protocols."
Department of Homeland Security spokesman Russ Knocke declined to comment on allegations Unisys covered up evidence of hacking.
"We take cyber security very seriously and there have been major improvements since the administration's cyber security strategy announced in 2003," he said.
Knocke said DHS has responded to "malicious cyber activity directed at the U.S. government over the past few years," and such activity is "growing more sophisticated and frequent."
The government is "re-competing" the Unisys contract and other contracts "to integrate it into a single contract that maximizes the tax payer's dollar."
And although Unisys can still compete for the contract, previous performance will be weighed, said Knocke.
Investigators: Homeland Security computers hacked - CNN.com
