When it asks for a password, just hit "return"

A consultant hacks into the FBI's computer systems.

Published July 6, 2006 1:44PM (EDT)

We'd say that the FBI's computer problems are legion, but that would risk giving a bad name to legionnaires everywhere.

Last year, the bureau scrapped a computer system that was supposed to help connect the dots in a way the bureau failed to do before 9/11 -- but only after it dumped $170 million in the project that never worked. A $400 million or $500 million replacement system is in the works, but the bureau's inspector general reported earlier this year that the FBI still lacks sufficient staff to ensure that the system will come in on budget or with the information-sharing capabilities it needs.

And then there's this. As the Washington Post reports this morning, a government consultant using "computer programs easily found on the Internet" managed to break into classified portions of the FBI's computer system in 2004 and, in the process, gain access to the Witness Protection Program, some of the FBI's counter-terrorism files and the passwords of nearly 40,000 FBI employees.

In court filings, the 28-year-old consultant says he used the passwords and other tricks to get around bureaucratic obstacles and other problems that prevented him from performing simple tasks such as installing new printers for the bureau. He said that agents in the Springfield, Va., FBI office approved of his actions.

The consultant, Joseph Colon, has entered into an agreement with prosecutors under which he has pleaded guilty to four counts of intentionally accessing a computer while exceeding authorized access and obtaining information from any department of the United States, the Post says.

An FBI spokesman tells the Post that it has instituted a new "comprehensive and proactive security program'' and ordered all FBI employees and contractors to undergo more training on computer security. Oh, and the bureau's new attempt at building a virtual case management system? It's called "Sentinel."

All of which reminds us of something else we read the other day: Nearly a year after Homeland Security Chief Michael Chertoff announced the creation of the position of cyber-security czar within DHS, the job remains empty.

By Tim Grieve

Tim Grieve is a senior writer and the author of Salon's War Room blog.

MORE FROM Tim Grieve

Related Topics ------------------------------------------

Computers Fbi War Room