By Ethan Barton
Sensitive information about nuclear plants and materials could be compromised because the Defense Nuclear Facilities Safety Board – a federal advisory agency – doesn’t protect its documents and hasn’t updated its document security rules since before 9/11.
The safety board allows all of its computer network users to “access and manipulate” sensitive documents called “unclassified controlled nuclear information,” which “pertains to the design of facilities that produce or use special nuclear material,” the Nuclear Regulatory Commission Inspector General said in a report made public Tuesday.
“As a result, security related information is at greater risk of unauthorized disclosure or compromise,” the report said.
Only one of 280 safety board documents the IG found containing nuclear information was password- protected. The safety board doesn’t require such protections on nuclear information documents.
“Moreover, organizational culture reportedly supports the assumption that agency staff trust one another to enforce the need-to-know principle” – a policy that requires only the necessary personnel to have access to sensitive documents, the report said. “Additionally, a lack of technical controls designed to prevent modification of documents containing UCNI could in turn compromise the integrity and reliability of this information.”
Also, the safety board’s “main information security guidance is incomplete and does not address key points for protecting sensitive unclassified information,” the report said. “This occurs because DNFSB has not updated its primary information security guidance since May 2000.”
The missing guidance includes “key points for sensitive unclassified information protection such as management of information security breaches and protecting data that is processed electronically,” the report said. The vulnerable data includes the unclassified nuclear information and personal information about agency employees.
“Having current and complete guidance is important for DNFSB staff to understand and uphold their information security responsibilities,” the report said.
The five-member board – which was created by President Reagan and Congress in 1989 – oversees nuclear safety at 14 Department of Energy defense nuclear facilities, including the Los Alamos and Lawrence Livermore national laboratories and the Nevada National Security Site.
Content created by The Daily Caller News Foundation is available without charge to any eligible news publisher that can provide a large audience. For licensing opportunities of our original content, please contact firstname.lastname@example.org.