US probes whether laptop copied on China trip
WASHINGTON (AP) - May 29, 2008 Surreptitious copying is believed to have occurred when a laptop
was left unattended during Gutierrez's trip to Beijing for trade
talks in December, people familiar with the incident told the AP.
These people spoke on condition of anonymity because the incident
was under investigation.
Gutierrez told the AP on Thursday he could not discuss whether
or how the laptop's contents might have been copied.
"Because there is an investigation going on, I would rather not
comment on that," he said. "To the extent that there is an
investigation going on, those are the things being looked at, those
are the questions being asked. I don't think I should provide any
speculative answers."
A Commerce Department spokesman, Rich Mills, said he could not
confirm or deny such an incident in China. Asked whether the
department has issued new rules for carrying computers overseas,
Mills said: "The department is continuing to improve our security
posture, and that includes providing updates, guidances and best
practices to staff to maintain security."
It was not immediately clear what information on the laptop
might have been compromised, but it would be highly unorthodox for
any U.S. government official to carry classified data on a laptop
overseas to China, especially one left unattended even briefly.
Modern copying equipment can duplicate a laptop's storage drive in
just minutes.
The report of the incident is the latest in a series of
worrisome cyber security problems blamed on China and comes at a
sensitive time, with looming trade issues between the countries and
special attention on China over the upcoming summer Olympics.
Gutierrez returned just weeks ago from another trip to Beijing,
where he noted he had "traveled here more than to any other
foreign city during my tenure as commerce secretary."
In the period after Gutierrez returned from China in December,
the U.S. Computer Emergency Readiness Team - known as US-CERT, some
of the government's leading computer forensic experts - rushed to
the Commerce Department on at least three occasions to respond to
serious attempts at data break-ins, officials told the AP.
"There's nothing to substantiate an actual compromise at this
time," said Russ Knocke, spokesman for the Department of Homeland
Security. Knocke said he was unable to find records of a DHS
investigation. He said US-CERT workers have visited the Commerce
Department eight times since December, but none of those visits
related to laptops or the secretary's trip to China. He said the
US-CERT organization works routinely with all U.S. agencies.
The FBI declined to comment.
It wasn't clear whether leaving the laptop unattended violated
U.S. government rules. Some agencies, such as Homeland Security,
routinely provide officials with sanitized laptops to carry on
trips overseas and require them to leave in the U.S. their everyday
laptops, which might contain sensitive information. Some former
Commerce officials told the AP they were careful to keep electronic
devices with them at all times during trips to China.
"We have rules in place," Gutierrez said. "We have procedures
that people go through before they travel. So, there is a very
significant process in place. Technology is obviously moving very
quickly, and we have to move very quickly with it. But all of that
is something that we are going through."
A senior U.S. intelligence official, Joel F. Brenner, recounted
a separate story of an American financial executive who traveled to
Beijing on business and said he had detected attempts to remotely
implant monitoring software on his handheld "personal digital
assistant" device - software that could have infected the
executive's corporate network when he returned home. The executive
"counted five beacons popped into his PDA between the time he got
off his plane in Beijing and the time he got to his hotel room,"
Brenner, chief of the office of the National Counterintelligence
Executive under the Office of the Director of National
Intelligence, said during a speech in December.
Brenner recommended throwaway cellular phones for any business
people traveling to China.
"The more serious danger is that your device will be corrupted
with malicious software that takes only a second or two to download
- and you will not know it - and that can be transferred to your
home server when you collect your e-mail," he said.
The Pentagon, State Department and Commerce Department all have
been victimized by widespread computer intrusions blamed on China
since July 2006. Defense Secretary Robert Gates confirmed in
September that parts of the Pentagon's unclassified e-mail system -
used by Gates and hundreds of others - were disrupted in June 2007
due to a break-in.
The Commerce Department break-ins have been so serious that its
Bureau of Industry and Security, which regulates exports of
sensitive technology that might be used in weapons, effectively
unplugged itself from the Internet.
Workers were instructed to use a few laptops placed around the
office that are isolated from the department's network, even to
search for public information using Google's Web search engine.
"We have discovered a number of very serious threats to the
integrity of our systems and data," wrote then-Deputy
Undersecretary of Commerce Mark Foulon to employees in an e-mail
obtained by AP under the Freedom of Information Act. He said the
department was not the government's only hacking victim, "but we
have an obligation, which we must take seriously, to take all
necessary measures to protect our systems and our data."
At the time, Foulon acknowledged that some of the protective
measures "may create difficulties and even reduce productivity."
Fully one year after being unplugged from the Internet, some
Commerce Department employees complained about the inconvenience.
One worker offered to provide his own laptop so he could work at
his desk, rather than use one of the office terminals 30 feet away.
"How does that endanger the network?" the employee wrote last
summer. His request was denied by a security supervisor who
complained that he, too, was struggling with the same Internet
restrictions.
---
Associated Press writers Jeannine Aversa and Eileen Sullivan
contributed to this report.