Information Security: Vulnerabilities in DOE's Systems for Unclassified Civilian Research

Abstract

The Department of Energy (DOE) oversees a multibillion-dollar investment in civilian research and development programs at 15 laboratory facilities nationwide. The unclassified information systems that support these programs were designed to facilitate a broad exchange of data and information among scientists around the world. Although unclassified, some of the information in these systems is nevertheless sensitive and requires protection from inappropriate access. As a result of the growth of the Internet in recent years, these unclassified systems at the DOE laboratories have become increasingly vulnerable to security threats. If exploited, such vulnerabilities could lead to loss or corruption of valuable scientific data, damage to information systems, or disruption of the laboratories' science program operations. According to laboratory officials, such disruptions could cost millions of dollars per day in lost scientific research. Given the importance of these information systems, the General Accounting Office (GAO) was asked to review the security of information systems that support DOE's unclassified civilian research programs. GAO's specific objectives were to determine (1) whether DOE's unclassified systems for civilian research are vulnerable to unauthorized access, (2) whether DOE is effectively managing information systems security, and (3) what DOE is doing to address the risk of unauthorized access to unclassified systems for civilian research.

Document Details

Document Type
Technical Report
Publication Date
Jun 01, 2000
Accession Number
ADA381890

Entities

Organizations

  • United States Government Accountability Office

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Computer Access Control
  • Computer Network Security
  • Computer Networks
  • Computer Programs
  • Computers
  • Cybersecurity
  • Denial Of Service Attack
  • Electronic Mail
  • Information Security
  • Information Systems
  • Internet
  • Intrusion Detection
  • Intrusion Detectors
  • Linear Accelerators
  • Network Protocols
  • Research Facilities
  • United States

Readers

  • Academic Conference Management
  • Defense Acquisition Program Management
  • Economics