And there was me thinking the story was about the Port of London Authority...
PLA sysadmin gets six months house arrest for yanking US Army docs
A former People's Liberation Army soldier turned US defence contractor has been handed six months home detention after transferring classified material to a USB stick and deleting logs. Wei Chen, 62, of Massachusetts, was charged in July 2015 with making a false statement and damaging army computers after he was found …
COMMENTS
-
-
-
-
Tuesday 10th May 2016 17:20 GMT Anonymous Coward
"Most classified material is stunningly unimportant"
As someone who has held a security clearance in the past, I can say that while I was exposed to a lot of "Secret" classified material, not one thing I ever saw was something I would be worried if it got into the hands of China, Russia, Iran, ISIS etc. Were they things that conceivably could have been a problem if all sorts of other conditions were met? I suppose, but the over-classification has to make it more difficult to protect real secrets.
Not to mention that things that were in Hillary Clinton's mail that were also "Secret" are more likely to have actually been real secrets, but being classified at the same level as the unimportant IT details like IP addresses of SIPRNET servers makes a joke out of the whole thing. It is pretty obvious the secrets he had were worthless, given that he so clearly violated the law with the apparent intent to sell/give secrets to China but got six months house arrest. At age 62 all it means is he needs to he needs to begin his retirement with an indoor hobby before he can take up golf so it is hardly punishment at all.
Posting anon, just in case I ever need/want security clearance again, since the NSA probably has my Reg username linked to my real identity and a future background check could take a dim view of my lack of conviction that the "secrets" I was entrusted with were in any way important.
-
Wednesday 2nd November 2016 17:45 GMT Anonymous Coward
Re: "Most classified material is stunningly unimportant"
I have observed in the past that the more heavily classified something is, the more boring it is. If someone is actually asking about the fiddly (classified) details of what I'm working on, then either they work with me, or they're trying to pump me for intel. There is no-one who is actually interested in the classified
tediummaterial that I deal with - myself included.
-
-
Wednesday 11th May 2016 10:47 GMT rh587
Re: Six months only? House arrest, no jail?
Most classified material is stunningly unimportant.
Indeed. All the aircraft recognition stuff we were given in cadets was marked "Restricted", which was the lowest level of classification at the time. It basically meant they didn't put it on the internet. Every nation on Earth had it (and more no doubt) by virtue of buying a copy of Janes.
We did see some "confidential" marked slides at one stage on a summer camp, but it was fairly dry stuff on the first evening about camp standing orders/operating procedure, location of guard houses/security stuff, etc which I guess would be useful if you were planning a raid on the base, but stunningly boring otherwise (and much of it inferable from Google Earth if you looked closely enough).
Moreover, if it is prefixed "NATO" then everything moves down the scale.
You can assume that everyone including the PLA and Russians have had eyes on anything lower than "NATO Secret", just by virtue of it's wide distribution, there is going to be someone in one of NATO's 28 nations who is working for the other side.
-
-
-
Tuesday 10th May 2016 08:24 GMT Anonymous Coward
Re: Six months only? House arrest, no jail?
In December 2015, he pleaded guilty to making a false statement and damaging a U.S. Army computer.
It doesn't sound as if there was anything espionage related, only deleting the logs ("damaging a U.S. Army computer") and the false statement on the security clearance form.
So perhaps he was intending to use the thumb drive(s) to backup or copy files about within the organization or something like that, i.e. not to pass the data on to someone else.
-
-
Tuesday 10th May 2016 08:45 GMT allthecoolshortnamesweretaken
Hmm. I feel like there is something missing, it's all a bit thin, in the linked statements as well. I can get why he clicked 'no' on that form. I'm also assuming that his stint in the PLA had nothing to do with computers and was due to compulsory military service - if he is 62 now, that would have been some 40 years ago.
But everything else seems a little hazy.
-
-
Tuesday 10th May 2016 10:45 GMT I ain't Spartacus
Re: Duh.
It was probably a low-grade security clearance. Remember that classified secret isn't all that secret. Although in the UK the lowest classification is "restricted", don't know what it is in the US.
When the Manning/Weakileaks stuff came out, it was reported that something like 200,000 people had access to that database. There's no way you can postively vet that many people, so you just have to make sure that there's nothing in there too sensitive, and that you've got decent controls to stop people from dowloading huge chunks of it.
The kind of vetting that you give to people with access to really secret information is quite manpower intensive and takes months to do. It's simply not practical for lower level clearances. Relatives of mine have been postively vetted, and they were sending questionaires round the family (and I'd assume friends and professional contacts) - where they're looking to catch discrepancies that might suggest that lies have been told in the application process. I've also known someone who got a job at the MOD in June, and wasn't allowed to take up his post until October, to give time for his security clearance.
-
Tuesday 10th May 2016 14:10 GMT MonkeyCee
Re: Duh.
"I've also known someone who got a job at the MOD in June, and wasn't allowed to take up his post until October, to give time for his security clearance."
That's quick :)
Knew a chap who got a promotion, but needed a higher clearance* for it. Took ~18 months to get all the background checks done. He did get the higher pay back paid at the end, and got to very thoroughly train his replacement.
-
-
Tuesday 10th May 2016 14:08 GMT MonkeyCee
Re: Duh.
Secret is a very low level of security clearance. Maybe the lowest? But anyway, *I* have secret level clearance for US/UK/Can/Aus/NZ and that background check is less detailed than the ones for working with kids or a credit check. I've even been givn access to stuff that is top secret, which seems to about the level of detail you can find with a quick google.
Actual proper security clearances (which I don't have) take a while to get, and involve pretty much everyone you've ever been involved with from the age of 5 upwards getting interviewed, and confessing all your sins. Had some friends and colleagues get various levels of those, since I got interviewed by some suits for those. While they can't talk about the operational stuff other than in the most generic level (they are all in signals, so it can be assumed they have access to secure comms) some of the interview questions can be quite hilarious.
Having to recount all your homosexual experiences, and then being told you are omitting things because public schoolboys have special rules on what does and doesn't count, while the spooks just care about what could be used to blackmail you. But the general notion that some poor buggers have to go through all your sordid past, and let you know that there's a record somewhere of it all does make me giggle.
-
Wednesday 11th May 2016 11:09 GMT rh587
Re: Duh.
Secret is a very low level of security clearance. Maybe the lowest?
Don't know about the US.
In the UK we had UNCLAS < PROTECT < RESTRICTED < CONFIDENTIAL < SECRET < TOP SECRET
They streamlined that to OFFICIAL < SECRET < TOP SECRET, all of which can be sub-marked as "UK EYES ONLY" or CAUKUS ONLY or AUSCANZUKUS ONLY for stuff shared to Five Eyes.
There also exists the STRAP system. Anything properly interesting is often marked with varying levels of STRAP. STRAP is need-to-know system, so you need TOP SECRET (DV) clearance, but also need to know about that specific project or operation as opposed to more "widely" distributed material available to all TOP SECRET personnel.
-
-
-
Tuesday 10th May 2016 10:09 GMT Pseudonymous Diehard
deleting logs
Doesnt cover your tracks. It makes them deeper.
A glaring hole only makes me more interested and gives me a very specific window of time to investigate.
If you want to fool a sysadmin you need to make more noise over a broader period of time. Even then you're only slowing us down.
-
-
Tuesday 10th May 2016 22:22 GMT Vic
Re: I always
wondered if anyone who has to apply for clearance ticks yes on those really obvious first questions
I went to University with a girl who ended up needing a security clearance. One of the first questions was "are you now, or have you ever been, a communist?".
She answered "yes". And that was the end of that. Background checks had already found that out - and the people doing the vetting didn't actually care. She had told the truth - which was imperative - and wasn't in a position to be blackmailed because of her earlier political leanings[1]. She got her clearance.
Vic.
[1] I don't think she's a communist any more; she is substantially richer than I've ever been...
-
-
Tuesday 10th May 2016 10:44 GMT JeffyPoooh
"...connected....his own thumb drives....classified Secret-level network..."
"...connected one or more of his own thumb drives to computers at Camp Buehring that were connected to....the classified Secret-level network."
'Secret-level' computers with USB sockets not filled with epoxy? Not disabled by software? Not limited by 'Policy' to approved & encrypted memory sticks?
In this case, he was the Sys Admin. So hopeless...
-
Tuesday 10th May 2016 13:19 GMT Aodhhan
Think about it...
In this case, considering his background and the low level classification of the data taken (even information labeled "For Official Use Only" is considered classified) six months is appropriate.
Because he likely relied on connections back to China, releasing him with house arrest allows lettered agencies to monitor his communications and movement. There's more to gain by monitoring him and making his life a living hell than to put him in prison.
DoD System Administrators who primarily only work on the "Unclassified" networks only require a "Secret" clearance. Administrators who primarily work on networks classified at secret and above require a top secret clearance with access to SCI.
Since he only had a secret clearance, he likely didn't have direct access to highly classified information.