Dangerous Déjà Vu

When it was discovered on June 7 that “two
items of Classified Removable Electronic Media (CREM)” containing
top-secret nuclear-weapons data were missing from the Weapons Physics
Directorate at Los Alamos National Laboratory in New Mexico, members of
Congress and veteran counterterrorists had an unsettling sense of déjà
vu.

Lax security has been a decades-old problem
at the nation’s premier nuclear-weapons laboratory. In the past, the
fear had been that the research center run by the Department of Energy
(DoE) was being infiltrated by terrorist-supporting states. Today the
worry is infiltration by terrorist groups themselves.

Los Alamos Lab Director Pete Nanos, tired of
recurring security lapses, blamed “cowboys” who repeatedly disobey laws
requiring the protection and handling of top-secret nuclear materials.
“I don’t care how many people I have to fire to make it stop,” he
angrily stated, adding in a memo to lab employees: “If you think the
rules are silly, if you think compliance is a joke, please resign now
and save me the trouble.”

Nanos took the unprecedented step on July 16 of virtually halting all work on classified programs.

“We are doing this as part of an effort to
ensure this laboratory operates safely and meets our national security
obligations,” Nanos said in his memo.

Terrorist penetration of US nuclear weapons
labs has been a growing concern for years. According to senior federal
law-enforcement sources, the FBI warned security and civilian chiefs of
the nation’s nuclear-weapons labs that they were a prime target of
Osama bin Laden’s terrorist network even before the tragic events of
Sept. 11, 2001.

A former senior Pentagon official who dealt
with nuclear labs for many years told me that, in his opinion, too many
of the country’s nuclear-weapons scientists have had a cavalier
attitude toward security going as far back as the 1980s. Congress’
investigative arm, the General Accounting Office (GAO), even documented
serious breakdowns in the security at labs covering visits by
scientists from other countries. Prior to the first Gulf War, Iraqi
weapons scientists were warmly welcomed.

A personal interest

It’s not only experts, congressional staffers
and counterterrorists who are getting a sense of déjà vu from the
latest Los Alamos revelations—I get the willies, too, when I look back
on my own experience reporting on security breaches. And therein lies a
tale.

The seriousness of the potential for
terrorist penetration of US nuclear labs disturbingly came to light in
early 2002 during the course of my research for another publication,
Insight magazine. At that time, I and two colleagues, Paul Rodriguez,
the managing editor, and Martin Anderson, a contributing writer,
learned that FBI agents had secretly swooped into the DoE’s University
of California-managed Lawrence Livermore National Laboratory (LLNL) in
late February to investigate a Pakistani scientist working on a
super-secret nuclear-research project.

“The ramifications of this are quite
significant,” said one of two sources who confirmed the story at the
time. Alarm bells sounded at the highest levels in the intelligence
community and at the White House.

The allegedly compromised system was the
Nuclear Weapons Information Program (NWIP). Though publicly mentioned
in a 1995 LLNL website press release concerning upgrades to the lab’s
computer systems to make it easier for scientists to coordinate and
share information on nuclear weapons research, design, production, and
testing, few actually know the true nature of this extraordinary and
highly classified project. “This is one of the most classified projects
on earth given what its mission is,” a well-placed source said of the
NWIP.

In the July/August 1999 issue of The Bulletin of the Atomic Scientists,
Dan Stober wrote in an article, “Steal This,” that the NWIP “may be the
most attractive nuclear espionage target ever developed. All of the
nation’s most important nuclear-weapons secrets are being collected,
catalogued, indexed, cross-referenced and put, as a neatly tied
package, into a unified electronic database.”

Indeed, the NWIP is the single repository of
all US knowledge concerning every aspect of America’s nuclear
arsenal—capabilities, weaknesses, developments, strategy and new
technologies. This includes what’s in the head of every living
scientist involved in the

US nuclear-weapons program—a sort of detailed oral history of everything anyone knows that is not written down.

Stober said the NWIP is “a point-and-click
computer network of weapons knowledge so complete that its theft by
foreign spies [or terrorists] would constitute a loss of virtually
every nuclear-weapon design secret possessed by the United States. The
information base is a multi-media, how-to manual for every weapon in
the US nuclear arsenal, from blueprints and data from hydrogen bomb
tests to video interviews with the physicists and engineers who
designed them.

According to a former senior DoE official,
the NWIP actually began as an oral-history project in which
high-ranking nuclear-weapons scientists were called back into federal
service and debriefed about critical issues concerning atomic-bomb
development. The detailed historical knowledge was considered vital for
reconstructing successive steps in the weapons’ development due to
scientists’ inability to contemporaneously replicate previous
explosions because of a ban on underground nuclear-weapons testing.

“Any compromise of this information is
serious from a number of different perspectives,” the official said,
explaining “it could tell other countries’ scientists about how the US
developed its weapons at a time when our technology was similar to
theirs—as with Pakistan today, whose nuclear program is similar to
America’s early weaponry … It can save them all sorts of problems,
allowing them to avoid getting lost in back alleys or from getting lost
in cul-de-sacs.”

Although GAO had documented glaring holes in
the security of classified programs and materials at LLNL as far back
as 1990, DoE officials were said to be stunned by the implications of
the latest suspected security breach of the NWIP—the assembly of
virtually every single US nuclear secret into one mega-computer
database.

In The Bulletin of the Atomic Scientists,
Stober had reported years earlier that, “according to Bill Bookless, a
weapons physicist who is in charge of Lawrence Livermore National
Laboratory’s contribution to the [NWIP], some participants have argued
that the security risk is simply too great and the project should be
abandoned.”

The person suspected in the NWIP security
breach at LLNL—who may even have become a US citizen—popped up as a
security threat following discovery of potentially compromising family
ties. The man, a Pakistani, had “been under surveillance for an
unspecified period of time,” a source told me at the time of my 2002
investigation.

FBI counterintelligence didn’t want to make
the same kind of mistake it had made with Felix Bloch, a US diplomat
whom authorities suspected of spying in the mid-1990s. Bloch was nabbed
before the FBI could confirm the identity of his suspected handlers and
contacts. Though investigated and subject to public allegations of
spying, a court case was never brought. The FBI’s inability to bring
charges, which also was evident in the Wen Ho Lee case at the Los
Alamos nuclear facility, needed to be avoided.

Investigators in the Livermore case
conducting routine security sweeps are said to have discovered that
their Pakistani suspect had engaged in suspicious activities that were
registered by classified computer access logs. This portion of the
investigation was confirmed by a civilian source familiar both with the
weapons program and the incident in question.

“It is being treated as a high-level security
breach investigation,” one source said. Of apparent concern was the
fact that the Pakistani scientist had not revealed—or not revealed
sufficiently—family ties in Pakistan. Some family members allegedly
work for that country’s intelligence agency, the Directorate for
Inter-Services Intelligence (ISI).

“When we found out about this it set off
alarm bells everywhere” because of US intelligence suspicions that
elements within ISI actively supported and protected the Taliban in
Afghanistan and helped to train both Al Qaeda terrorists and Osama bin
Laden’s supporters. ISI factions also are suspected of helping
terrorist groups after 9/11.

The ISI also is reported to be in close
communication with its Chinese counterparts. In recent years, Pakistan
has been a major ally of the People’s Republic of China, which,
according to US intelligence, has helped Pakistan develop modern
nuclear weapons. Hence, the alarms over any linkage between the
Livermore scientist and family ties to ISI.

Initially, the DoE had no comment, but later
categorically stated there was no substance to Insight’s reporting.
Meanwhile, FBI headquarters in Washington referred all calls to its San
Francisco office, where officials said no arrests had been made nor
would they reveal the existence of a probe one way or the other.

In testimony before the House Armed Services
Committee in April 2002, soon after we broke the story, DoE Secretary
Spencer Abraham denied our report that the FBI was probing a possible
penetration by the Pakistani intelligence service of LLNL’s
ultra-secret nuclear-weapons information program. However, three
separate information streams—California law enforcement, senior DoE
officials and members of the intelligence community—all confirmed to HSToday
that the FBI was investigating the ties of a Pakistani national
employed by the lab to relatives working with the ISI. At the time, DoE
sources reported that a Foreign Intelligence Surveillance Act (FISA)
warrant had been sought and that the FBI had expanded its hush-hush
probe of the incident together with LLNL security personnel.

Rep. Curt Weldon (R-Pa.) took advantage of
Abraham’s appearance before the committee to ask him whether the FBI
was conducting any kind of investigation at LLNL. Abraham denied
knowing about any ongoing investigation into the alleged security
breaches. After the hearing, Weldon told us: “I plan on pursuing these
allegations and getting to the bottom of them. Security at our national
labs is too critical to let lapses such as these occur.”

Rep. Ed Markey (D-Mass.) issued a statement
saying, “If true, [these allegations] paint a very disturbing picture
of security at Livermore.”

Though Abraham denied to Weldon that
nuclear-weapons security had been breached, counterintelligence and
law-enforcement officials in Washington and at Lawrence Livermore hotly
contested Abraham’s claim.

At the time, our team also uncovered serious
contradictions in official responses about a suspected espionage
incident the previous summer given by LLNL spokespeople and a nearby
police agency responsible for uncovering it.

Within months of our reporting, egregious
security lapses at LLNL and the university’s constant denials had
pushed Abraham’s patience to the breaking point. “The Energy Department
views security as the critical responsibility of the national
laboratories,” Abraham said, fuming, “and we treat any lapse or failure
as significant.”

The roar of the tiger team

Demanding “immediate corrective action,” the
DoE chief took the unprecedented step of quickly dispatching an elite
security team, known as a “Tiger Team,” to assess whether DoE should
take over direct responsibility for security at Livermore. Tiger Teams
are special groups within DoE that audit nuclear facilities. The Team
consists of 10 to 15 experts in a broad range of areas who show up at a
nuclear facility unannounced. The teams have top-secret clearance and
authority and cannot be refused access to any part of a facility.

(US nuclear weapons lab security holes were
supposed to have been plugged by Congress’ creation on March 1, 2000 of
the National Nuclear Security Administration (NNSA), a semi-autonomous
agency within DoE responsible for the nation’s nuclear weapons, nuclear
nonproliferation activities, and naval reactors programs. NNSA was
established to correct long-standing management and security problems
at DOE’s nuclear facilities.)

The Tiger Team was ostensibly focused on the
revelation that in April a lost set of security keys had gone
unreported to senior lab management for three weeks. However, they were
also sent in response to the post-9/11 security breaches at LLNL and an
unclassified report prepared in May by the CIA’s intelligence
directorate warning that terrorists may try to use crude nuclear
devices against the United States.

A week before the keys disappeared, a
security officer’s access badge also vanished—another serious security
breach that went unreported to senior lab management for six weeks.

The Tiger Team included Greg Rudy, DoE’s
chief of defense nuclear security, and intelligence veteran Glenn
Podonsky. They were given the task of probing long-standing accusations
by LLNL security officials that the assigned special response (SWAT)
team was unprepared to defend the lab.

“I am disturbed by evidence that other
managers in the chain of command have been lax in identifying and
reporting potentially serious security problems,” said NNSA
Administrator Linton Brooks. “That this is occurring in the current
atmosphere of heightened security awareness is unacceptable.”

As the team began its probe in early June
2002, a lab insider told us that tensions ran so high “you could hear
yelling and screaming” at the meetings held with LLNL officials. Three
senior lab-security officials were suspended pending an investigation.

The Cleveland connection

LLNL’s security problems also came on the
heels of the resignation of retired FBI agent William Cleveland Jr.,
who went to work as head of LLNL counterintelligence following his 1993
retirement from the FBI. Cleveland, who worked for the bureau in San
Francisco, headed several investigations into Chinese espionage,
including “Tiger Trap,” which involved the suspected illicit transfer
of classified information on the neutron bomb by at least one
Chinese-native scientist working at Livermore.

According to press reports and court records,
while still with the FBI, Cleveland became sexually intimate with
49-year-old Los Angeles businesswoman and socialite Katrina Leung, an
alleged Chinese double agent who also was linked romantically to former
FBI counterintelligence official William Smith, for whom Leung acted as
an FBI informant. The FBI paid her nearly $2 million for her services.
According to court documents, Cleveland, while still working for the
FBI, tipped off Smith that Leung may have been working for China’s
Ministry of State Security.

In May 2003, Leung was charged in a
five-count indictment of obtaining, copying and retaining documents
connected with US national defense without authorization. The charges
followed a six-count indictment against Leung’s longtime FBI handler,
James Smith. Federal prosecutors alleged Leung engaged in a 20-year
sexual affair with Smith, who recruited her to spy on the People’s
Republic of China. Last May, Smith pleaded guilty to making false
statements to the FBI when he failed to disclose his sexual
relationship with Leung.

Pre-trial motions continue to be litigated in Leung’s case, and she is expected to go to trial in 2005.

For ten years, Cleveland, who held an elite
DoE nuclear-weapons Q-level security clearance, served as head of
LLNL’s Security Awareness for Employees (SAFE) program, which
identifies foreign-intelligence threats, briefs lab officials traveling
to other countries and gathers information about espionage. When the
Leung scandal broke, DoE stripped Cleveland of his clearance, his lab
equipment was confiscated and his office sealed.

At the time, LLNL officials professed to see
no connection between Cleveland’s retirement and either incident
involving the keys or the access badge, although former FBI agents said
security at the laboratories might have been compromised through
Cleveland’s association with Leung.

“My understanding,” LLNL Director Mike
Anastasio told reporters, is that both the NNSA and an internal LLNL
review “are intended to look at the broad security-management issues at
the laboratory, and I don’t believe Bill Cleveland or any issue about
Bill Cleveland is pertinent here.”

However, formal investigations of the myriad
security problems at LLNL found a potential espionage case involving a
Chinese national employed at the lab may have been covered up after a
report documenting the incident disappeared from official files. Lab
security officers confiscateda Kodak camera and a Sony tape
recorder—both prohibited on lab premises—hidden under a blanket during
a search of the trunk of the suspect’s vehicle, as well as a briefcase
containing a laptop computer that held classified information belonging
to another lab employee.

Inexplicably, senior LLNL officials ordered
the detainee to be released and his access to the lab restored; the
officer who discovered the contraband in his car later was fired.
Cleveland “was responsible for investigating such incidents at
Livermore atthe time,” the official report noted.

On June 7, 2001, we learned that federal
police officers at the Camp Parks military-reserve training camp near
LLNL found two file cabinets near the base that contained classified
information pertaining to Livermore. In addition to top-secret
documents from Livermore, there also were maps and photos, Iranian
passports and virulent anti-American hate literature from the Islamic
Jihad. LLNL security personnel reported that a woman who was divorcing
her husband, a US naval officer who worked in the service’s
nuclear-physics program, had left the file cabinets at the facility.
David Schwoegler, then LLNL spokesman, denied that the file cabinets
contained sensitive information and said the classified materials were
returned to the Camp Parks police to be given back to their owner as
“abandoned property,” a version of events officially denied by the
military police.

A memo from Terry Turchie, an LLNL SAFE
official, stated that “the abandoned property was provided to the
University of California police at LLNL and subsequently evaluated by
the SAFE office and the FBI San Francisco. There was no information
contained in the documents that were of any counterintelligence
concern.”

Turchie’s report on the incident did not
mention, however, that several days after discovery of the file
cabinets, five large boxes containing documents from three national
laboratories and DoE, and five additional passports belonging to
individuals from the Islamic Republic of Iran, also were found at the
military installation. According to senior security officials connected
to the investigation, the boxes were sealed with evidence tape and sent
to Livermore, where they were held for several days and
returned—unopened—to Camp Parks.

According to insiders familiar with the
matter, everyone involved in the Camp Parks discoveries was ordered to
sign national-security non-disclosure forms prohibiting them from
discussing what they knew. Cleveland’s role in SAFE’s participation in
the investigation remains unclear.

Subsequently, we were told, the DoE inspector
general’s office confirmed to LLNL officials that the recovered
documents were indeed top secret and that the matter was being treated
by all, including the FBI, as a major security failure—this after LLNL
tried to dismiss the matter as inconsequential.

LLNL also tried to downplay the seriousness
of Inspector General Gregory Friedman having determined that LLNL lost
nine master keys and three magnetic key cards to the facility—and, in
some cases, didn’t know why or how long they had been missing.

The lab has since been forced to replace
about 100,000 locks in 526 buildings, according to the inspector
general’s report on the matter, at a cost to taxpayers of about $1.7
million.

Friedman chastised Livermore for not having
adequate measures in place to ensure such incidents are reported in a
timely manner—or to readily identify and address any potential
vulnerabilities.

Livermore spokesman David Schwoegler said the
lost keys presented only “minimal increased risk to classified
information,” thanks to redundant security systems, and that there is
no evidence security has been breached. The missing keys opened the
lab’s perimeter gates and some classified areas. HST

Anthony Kimery is senior correspondent for HSToday. His online Kimery Report and breaking news can be read at www.HSToday.us.

Sen. Chuck Grassley weighs in

On July 24, 2003, Sen. Chuck Grassley (R-Iowa)
testified before a subcommittee of the House Government Reform
Committee that: “Without swift and decisive corrective action, a lab
could easily be converted to a very dirty bomb and blown up in our
face. This situation is totally unacceptable. … To criminals and spies,
the labs must be like a candy store with the front door left wide open
and nobody at the register. And the terrorists must be licking their
chops.”

Grassley continued: “[O]ver the past eight
months, five whistleblowers from two labs have come to my office with a
laundry list of horror stories. Four of the whistleblowers were fraud,
waste, and abuse investigators; one was Operations Chief of the
Protective Force. All have been threatened with reprisals and removed
from their jobs for committing truth. The information they have given
me is compelling. I could not turn my back on these brave soldiers for
the truth. I had to get involved and help.”

Further, Grassley said, “once the information
began pouring into my office, I started writing letters to Secretary
Abraham. So far I have sent him five letters. My letters… summarize
the most egregious allegations. There is a list of 102 different
security investigations…conducted between 1997 and 2003.”

But, disturbingly, Grassley testified that,
“for the most part, these are aborted investigations—investigations
that went nowhere because of orders from above.”

Among the security holes documented by
Grassley and Congress’ investigative arm, the GAO—which began probing
nuclear lab security in 2001:

  • An FBI surveillance operation captured at least a dozen
    members of the security force engaging in misconduct on videotape,
    including sleeping on duty.
  • A member of the guard
    force was caught on FBI videotape stealing computer components and
    later sold them to supervisors at below-market prices.
  • Sensitive
    facilities—like inside the reactor area—and the SCIF [Sensitive
    Compartmented Information Facility] are left unlocked and/or unalarmed
    at night.
  • Activated alarms in highly secure areas
    trigger no response; guards simply re-set alarm circuits in the command
    center and make no attempt to investigate possible intrusions. An
    evaluator performed jumping jacks in a nuclear reactor area to activate
    alarms and test guard response, but there was no guard response.
  • A
    Verizon maintenance van parked inside a classified area was stolen at
    5:00 AM and crashed through perimeter fences in what is characterized
    as a “high-risk” exit. The van was discovered in the parking lot of a
    nearby Home Depot store. There are no clues as to why the van was
    stolen, but its theft coincides with the disappearance of a classified
    Sun computer system from [a] SCIF. Investigators were unable to check
    alarm data because the protective force radio and telephone recording
    system was turned off.
  • An FBI sting operation
    recovered large numbers of stolen lab laptops and CIA computers from
    Doctor Dan’s chop shop in Albuquerque. Computers are stripped of serial
    numbers, chopped up and re-sold. Computer losses at one lab are
    estimated at $700,000 per year. The prime suspect is still employed at
    the lab.
  • Plutonium was reported missing at Los Alamos.

Most disturbing is Grassley’s testimony that
“the typical management MO [modus operandi] at the labs works something
like this: Quash the investigation; sweep it under the rug—fast; and
shoot the messenger. One source says the lab MOis: ‘deny everything
and make counteraccusations.’ Revelations about security breaches are
an embarrassment to the lab. They are suppressed at all costs and never
reported up the chain of command.”

He concluded: “When the presence of foreign
agents is coupled with missing keys for every lock at two labs, and
unauthorized photography is going on in the lab’s most sensitive area,
the SCIF, and a van is stolen from a classified area at 5:00 AM and
crashes through perimeter fences and coincidentally a classified
computer is missing from the SCIF, and top management calls it ‘monkey
business,’ I fear the worst.”

(Visited 28 times, 1 visits today)

The Government Technology & Services Coalition's Homeland Security Today (HSToday) is the premier news and information resource for the homeland security community, dedicated to elevating the discussions and insights that can support a safe and secure nation. A non-profit magazine and media platform, HSToday provides readers with the whole story, placing facts and comments in context to inform debate and drive realistic solutions to some of the nation’s most vexing security challenges.

Leave a Reply