Report Details FBI’s Security Failings and Missed Spy Signals

The FBI failed to properly restrict about 500 sensitive cases, violated a presidential order requiring financial disclosures from employees and missed repeated warning signals that could have led to the arrest of spy Robert Philip Hanssen years earlier, according to a comprehensive review of the case released Thursday.

“As shocking as the depth of Hanssen’s betrayal,” the Webster commission said in its 117-page report, “is the ease with which he was able to steal material he has described as ‘tremendously useful’ . . . to hostile foreign powers.”

The commission’s long-awaited assessment of the Hanssen case--the most damaging episode of espionage in FBI history--ratcheted up demands for an overhaul of the culture and management practices at the nation’s premier law enforcement agency.

Sen. Patrick J. Leahy (D-Vt.), chairman of the Senate Judiciary Committee, said the findings of the blue-ribbon panel led by former FBI and CIA Director William H. Webster represent “an indictment of the failure of FBI leadership over the years to pay attention to security.”

Although FBI Director Robert Mueller has promised to make security a priority in the wake of the Hanssen scandal, Leahy said the Webster report should push Congress to mandate wide-scale changes on its own, including the expanded use of polygraphs on employees. Leahy’s committee begins hearings on the issue next week.

Hanssen, a counterintelligence agent at the FBI for a quarter-century, was arrested in February 2001, minutes after he left a batch of stolen secret documents for his Russian handlers at a park near his home in suburban Washington. He later pleaded guilty to espionage charges in a deal that spared him the death penalty.

The Webster report chronicles Hanssen’s 22-year career as a spy beginning in 1979, when he walked into a New York City company run by a Soviet military officer and dropped off a classified document containing information about the FBI’s penetration of a Soviet residential complex.

Hanssen received $20,000 for this and two other early “drops,” the report said, and he told investigators for the Webster commission that the money was his motivation. He said the mounting financial pressures of house payments in the New York City area, following his reassignment from Indianapolis, and later of putting six children through parochial school created “an atmosphere of desperation” that led him to become a spy.

“I wanted to get a little money and get out of it,” he told the commission.

Although Hanssen said he could have been an even more “devastating spy” if he had wanted, he acknowledged responsibility for the damage he did. “[T]here is no way that I can justify what I have done. It’s criminal and deceitful and wrong and sinful,” he said.

While Hanssen’s damage to national security has been well chronicled, the Webster commission appeared to give an assessment even more sobering than past analyses. It concluded that Hanssen compromised more than 50 technical operations, potential recruits and double agents, including several agents the Russians killed after discovering they were working for the Americans.

The 6,000 pages of documents and 26 computer diskettes that Hanssen sold the Russians in about 40 handoffs detailed “extraordinarily sensitive intelligence operations,” including the FBI’s technical penetration of a Soviet establishment, penetration of Soviet satellite transmissions, U.S. attempts to recruit Soviet intelligence officers, a limitation in the National Security Agency’s ability to read Soviet communications, budget projections and a detailed evaluation of U.S. double-agent operations, the report said.

The review found that the FBI missed numerous telltale signals that could have led to Hanssen’s detection, including his inconsistent explanations of how he paid for an expensive home addition.

The report found that the FBI’s case-file system, chock-full of sensitive information on ongoing investigations, can be easily accessed by unauthorized employees and fails to comply with the bureau’s own requirements for restricting secret data.

“Hanssen took advantage of this security failure to access approximately 500 case files that had not been appropriately restricted,” the report said.

Hanssen told the commission that a diligent check of his financial affairs might well have uncovered his espionage work much earlier.

But the commission concluded that the FBI has been routinely violating a presidential order that, in the wake of the Aldrich H. Ames spy scandal at the CIA in 1994, requires federal employees with access to classified information to consent to disclosure of finances.

“With the exception of certain senior personnel and members of the Senior Executive Service, the bureau does not require employees or contractors to complete a financial disclosure form,” and the basic information that is required is often of little real value, the report said.

The commission recommended several dozen fundamental changes in the way the FBI maintains security, including the expanded use of polygraph tests for employees, the restriction of information on a “need to know” basis and the restructuring of security operations.

The recommendations range from the highly technical to the rudimentary. For instance, the report recommends that “classified information should be placed face-down when persons not authorized access are nearby.”

Mueller, who has already put in place a CIA security specialist to oversee the make-over, said in an statement Thursday that he welcomes such a change. “We must capitalize on this historic opportunity to make badly needed improvements.”