ad info technology > computing
    Editions | myCNN | Video | Audio | Headline News Brief | Feedback  




Consumer group: Online privacy protections fall short

Guide to a wired Super Bowl

Debate opens on making e-commerce law consistent



More than 11,000 killed in India quake

Mideast negotiators want to continue talks after Israeli elections


4:30pm ET, 4/16










CNN Websites
Networks image

EPA closes Web site after security risk found by congressional investigators


Critic: Weaknesses could have national security implications

February 17, 2000
Web posted at: 7:45 p.m. EST (0045 GMT)

WASHINGTON (CNN) -- A computer security risk has prompted the Environmental Protection Agency to shut its Internet Web site temporarily, officials with the House Commerce Committee reported Thursday.

Both the EPA's public Web site and an internal computer system had been closed the night before after committee chairman Tom Bliley, R-Virginia, threatened to publicize the findings of a General Accounting Office (GAO) probe he had ordered.

Bliley told CNN on Wednesday that "a high school kid can get in there. And I mean you are talking about very secret things. You're talking about their accounting records, you're talking about everything."

The congressman said the security problems were so serious that he postponed a public hearing scheduled Thursday with GAO testimony in order to give the EPA time to, in his words, "act responsibly."

EPA officials said the systems have been closed temporarily so engineers can install "firewalls" -- systems to block unauthorized access.

EPA spokesman Steve Snider on Thursday said the security upgrades had been already under way but that Bliley's tactic forced the agency to shut down the systems to preclude any attacks.

The agency's security problems had national security implications, according to one of Bliley's committee staffers.

Steve Schmidt said hackers probing internal EPA computers could have provided terrorists with information supplied by industry as to the vulnerabilities of their power plants, chemical factories and other potential targets.

Bliley has been critical of what he has said is a lax attitude toward computer security by the Clinton administration in general and specifically by EPA Administrator Carol Browner, whose agency is overseen by Bliley's panel.

EPA officials said the Web site, accessed millions of times over the course of any given month, will be down for a week or two until an ongoing security upgrade program is complete.

"Having the Web site down is a major inconvenience," said Snider in a telephone interview Thursday.

He said the agency continues to function but is unable to receive certain information from industry sources that is normally delivered via e-mail and the Internet.

Snider said the EPA is not getting compliance reports on oil spills, air pollution monitoring and other regulatory summaries from outside sources.

In testimony prepared for delivery at the postponed hearing, GAO associate director David McClure wrote that the weaknesses "affect the security of all the EPA operations that rely on them," not just public access to an Internet site.

He cited EPA records documenting several "serious" computer breaches during the past two years that "resulted in damage and disruption to agency operations."

McClure's written testimony also describes how GAO technicians explored the EPA's system and found a wide range of problems, including possible intrusions via the Internet and a long-term pattern of poor security planning.

Producer Paul Courson and Reuters contributed to this report.

Clinton administration develops Internet security proposals as investigators pursue hackers
February 16, 2000
FBI follows Internet chat room leads in hacker probe
February 15, 2000
Clinton fights hackers, with a hacker
February 15, 2000
Banks warned of impending Web attacks days before they happened
February 15, 2000
President to announce creation of national cyber security center
February 14, 2000
Hacker hunters follow lead to Germany
February 13, 2000
Consulting firm says its server was used to attack AOL
February 11, 2000
FBI agents focus on university, business computers as cyber-attack launch pads
February 10, 2000
Denial of service hackers take on new targets
February 9, 2000

EPA Web Site
Federal Bureau of Investigation
National Infrastructure Protection Center: CyberNotes
HNN - HackerNewsNetwork

Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.


Back to the top  © 2001 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.