Tech security at LAX is deemed insufficient
Computer systems and telecommunications equipment used by federal agencies for security operations at Los Angeles International Airport are vulnerable to theft, tampering and failure, according to a new report by the U.S. Department of Homeland Security.
In an evaluation released this month, the department’s Office of Inspector General found weaknesses in the information systems used by Customs and Border Protection, Immigration and Customs Enforcement, the Transportation Security Administration and the Coast Guard.
“The information technology security controls as implemented at [LAX] have deficiencies that, if exploited, could result in the loss of confidentiality, integrity and availability of the information technology systems,” Homeland Security inspectors said.
According to the inspector general, the agencies in question have agreed with the report’s findings and plan to implement most of the recommendations to better protect their information and telecommunications systems.
“The Transportation Security Administration appreciates the Office of Inspector General’s effort on this evaluation and will use the report to improve technical security at LAX,” said Nico Melendez, a TSA spokesman in Los Angeles. He added that work on some of the changes began last year.
The report, which has been heavily redacted for national security purposes, states that telecommunications and computer equipment were left unguarded and had poorly protected passwords, which could allow hackers to tamper with databases or gain access to confidential information.
In addition, the inspector general found a lack of protective measures, such as ventilation systems, water sprinklers and fire extinguishers, to prevent communications and computer equipment from being knocked out in the event of hot weather, fires or earthquakes.
Furthermore, Homeland Security uncovered examples of unrestricted access to computer equipment rooms, inadequate vulnerability assessments and a lack of safe storage for sensitive data.
The inspector general’s report cites an August 2007 incident at LAX in which customs officials had a network outage that stalled operations for more than 10 hours and disrupted the travel of 17,000 passengers. The airport’s terminals filled with travelers waiting to be processed, while other passengers were forced to stay on planes for hours after their international flights had landed.
According to the report, the outage was aggravated by outdated information technology that did not have a backup network or an alternative power source. Customs and Border Protection officials say they have taken steps to prevent similar occurrences.
Jenny L. Burke, a spokesperson for Customs and Border Protection, said security remains a top priority and the agency is applying the lessons it learned at LAX to other operations around the country, including seaports.
Included in the inspector general’s report is the photo of an open door leading to a computer server room at the El Segundo field office of Immigration and Customs Enforcement, which participates in the investigation of illegal exports. Homeland Security officials found that the door was always open because the room did not have a ventilation system to keep the equipment from overheating.
The inspector general concluded that security at the ICE facility was weak because there was wide access to the room, which increased the potential for the loss or theft of mission-related information. “Anyone entering the server room would have access to ICE backup tapes, server, router and switches because they are not stored in a locked cabinet,” the report stated.
--
Start your day right
Sign up for Essential California for news, features and recommendations from the L.A. Times and beyond in your inbox six days a week.
You may occasionally receive promotional content from the Los Angeles Times.
