SECURITY BREACHES ALLOWED AT NUCLEAR SITES, HOU.S.E COMMITTEE TOLD
by Margie Burns
American Reporter Washington Correspondent
WASHINGTON, June 24, 2003 -- A series of witnesses testified to Congress today that the Bush administration has not repaired numerous security breaches at nuclear weapons facilities in the United States even after it warned that such breaches made the nation vulnerable to a terrorist attack.
Officials from the General Accounting Office (GAO) and the Department of Energy (DOE), a private security expert and the nonprofit Project on Government Oversight told the House Subcommittee on National Security, Emerging Threats and International Relations that the administration has not yet begun to implement several recommendations made before and after terrorist attacks in Washington and New York on September 11, 2001. Even security recommendations scheduled for implementation are being delayed and will not be completed for a decade, members were told.
Three panels of witnesses testified at today's hearing, which began at 9:00 a.m. in 2247 Rayburn House Office Building. The first witness, Ms. Robin M. Nazarro, from the GAO, was accompanied by two other GAO officials, James Noel and Jonathan M. Gill, in the Natural Resources and Environment section of the GAO. The GAO did a study of nuclear security (www.gao.gov/cgi-bin/getrpt?GAO-03-896TNI) at the request of the House Committee on Government Reform, strongly urged by Reps. Henry A. Waxman (D-CA) and Dennis Kucinich (D-OH). Kucinich is running for the Democratic nomination for President.
Nazarro testified that the U.S. nuclear weapons complex includes four "production sites" - in Missouri, South Carolina, Tennessee and Texas - and three national laboratories that design nuclear weapons. The Department of Energy (DOE) and a separate agency within the DOE, the National Nuclear Security Administration (NNSA), are responsible for the sites. The DOE is also responsible for cleanup at former nuclear weapons sites that still contain nuclear materials. The DOE hires contractors to handle the security.
The GAO performed its review of nuclear site security from December 2001 through May 2003. Nazarro summarized that the GAO found administrative problems throughout the nuclear complex. Specifically, the NNSA lacks clearly defined "roles and responsibilities" for its administrative structure. With "ongoing confusion about roles and responsibilities," security oversight of contractors is inconsistent.
Also, the GAO reported, contractors fail to analyze security problems consistently; "corrective actions are developed without fully considering the problems' root causes, risks posed, or the cost versus benefit of taking corrective action." NNSA is also shorthanded and may lack adequate staff to oversee security activities. Nazarro added that NNSA is trying to develop "virtual organizations" to compensate for shortfalls, but the virtual project is not complete.
With the concurrence of Noel and Gill, Nazarro also testified that the DOE's response to 9-11 "has been slow in some vital respects, and DOE and NNSA will need at least several years and an as yet undetermined amount of resources before their sites are fully prepared to meet the projected [terrorist] threat." Nazarro pointed out that the DOE took two years to develop a new "design basis threat" clarifying potential vulnerabilities, partly because DOE personnel disagreed over factors including the size of a potential terrorist group.
The next witness on the first panel was Glenn S. Podonsky, director of the Office of Independent Oversight and Performance Assurance in the DOE, who said that his office is responsible for evaluating DOE's security, environmental and safety programs. Podonsky testified that one of the main problems in nuclear security is the recent proliferation of computers, electronic data, and the Internet.
Reminding the committee of well-publicized problems including those at Los Alamos, Podonsky attributed the security lapses partly to lack of cyber security. Improvements have been made, Podonsky testified, "but much remains to be done before DOE has a coherent management structure in place to support an effective corporate approach to security."
Podonsky emphasized that "unclassified cyber security continues to be a challenge for some sites," and that "weaknesses in feedback and improvement processes are a long-standing concern, both within the DOE line and contractor organizations."
"The weakness in feedback and improvement and clarity of security roles and responsibilities are longstanding," Podonsky testified. "Progress in these areas, however, has been inconsistent and sporadic."
The second panel comprised two witnesses from the DOE, Linton F. Brooks, administrator in NNSA, and Joseph S. Mahaley, Director of the Office of Security. Even the DOE's own administrators confessed to problems. Concurring largely with the GAO report, Brooks said that managerial problems "were exactly the right thing" for the GAO to study.
"If we do not get the management and oversight of security right," Brooks said, "we will never solve the problem."
Like the other government witnesses, Brooks testified that certain steps had been taken and progress had been made. Specific improvements are largely classified, as are ongoing vulnerabilities, but Brooks mentioned "the closing of roads" [at some sites]. Brooks also mentioned short staffing as a problem, saying that site guards "are doing lots of overtime. They tend to like it," Brooks added, "but we could use some new hires."
Responding to comments by Rep. John J. Duncan, Jr. (R-TN) and Kucinich that NNSA's budget for 2003 is estimated at $7.9B, Brooks emphasized that he was not asking for more money. "Security is a whole lot of not very glamorous things, carried out day after day," he said. "This is a roles and responsibilities oversight problem," he emphasized; "not reporting [is] a cultural problem."
Duncan expressed concern that the NNSA, which began only in 2000, already has a $7.9B budget, and asked whether any other country with nuclear facilities is "doing more than we." Duncan, reminding the panel that actuarial statistics show that cancer and heart disease are much greater threats than terrorism, also urged "balance" and "common sense" in trying to combat threats.
Rep. Christopher Shays (R-CT) asked which sites are considered most vulnerable but was told that the answer is classified. Shays also asked whether all categories of sites have vulnerabilities. Brooks responded that vulnerability "has to do with the materials, which materials they have, not what they do." Sites with nuclear materials - including cleanup sites as well as production sites - are vulnerable. Brooks reiterated that "we're making progress," but "dealing with nuclear weapons, you've got to be concerned at anything less than perfection."
Kucinich and Rep. John F. Tierney (D-MA) asked about POGO's allegations that some security exercises - tests of security - had been "dumbed down." Brooks responded that some "dumbing down" had occurred in the exercises designed to test sites' ability to fend off terrorist attacks, "in some cases," but only in the past. Recent tests, he testified, have been stronger. In response to Kucinich's questioning, Brooks conceded that he has not seen the sharper tests firsthand or personally.
Mahaley concurred about the oversight and management problems facing security officials. "They've [NNSA personnel] gotten ahead of their headlights," Mahaley said, and need guidelines. Mahaley testified that administrators in charge of security do not have policy enunciated to guide what they're doing, and they're doing it anyway. Brooks agreed, "We've pushed a little ahead of the paperwork."
The third panel, which heard the most dramatic testimony, comprised Danielle Bryan, Executive Director of POGO, and Ronald E. Timm, President of private RETA Security. Bryan testified that POGO, an independent watchdog organization, had just completed a study of security at nuclear facilities when the 9-11 attacks occurred. The completed study, U.S. Nuclear Weapons Complex: Security at Risk, was published in October 2001.
Bryan said the investigation concluded "that the nation's tennuclear weapons facilities, which house nearly 1,000 tons of weapons-grade plutonium and highly-enriched uranium, and the transportation system for weapons and nuclear materials regularly fail to protect this material during mock terrorist attacks." "Even though [the study] is now two years old," Bryan added, "the problems identified are still relevant today."
She testified to delays and tardiness in implementing policy changes and making improvements. The Homeland Security office told her, she said, "that they were establishing red teams to independently test security at DOE facilities in the April 2002 time frame. However, it never happened."
Bryan pointed out that several of the ten major DOE sites do not need nuclear material to perform their mission, and others do not need the quantity of nuclear material they have stored, "but bureaucratic fiefdoms protect the status quo."
Pointing to the potential threat of nuclear theft, Bryan testified, "In fact, in full-scope mock terrorist attack tests performed by the government at DOE facilities, half the time mock terrorists are successful in breaking in, stealing significant quantities of Special Nuclear Material and leaving the site."
She added that suicidal terrorists might well be even more effective, since they would not need to get the material and get out, but could contrive weapons with materials found on site.
Bryan cited a litany of security lapses: "All three of the weapons labs had serious management and security problems in just the last few months. Top security officials at both Los Alamos and Livermore have been replaced. Only six months ago, a management scandal broke, involving some security issues including over 300 stolen or missing computers that the IG testified before Congress may have contained classified information.
"Now we have missing plutonium. At Livermore a set of keys and a security card to access sensitive areas were missing for weeks without being reported. In addition, members of the Livermore SWAT team claim they could not defend the lab in the event of a terrorist attack. At Sandia, there has also been a series of security lapses including guards sleeping and keys missing that are being investigated by Senator Grassley."
Bryan argued that nuclear materials are "a leftover from the Cold War," when the sites had a mission they no longer have. However, she said, "DOE has resisted many consolidation opportunities" and opposes closing down bases.
Citing a need for more consolidation of nuclear materials, more realistic "tests" of facilities, and better oversight from Congress, Bryan blamed ongoing problems largely on "bureaucratic inertia." "They don't want to admit mistakes," she said; [personnel] "don't want to admit that they've been wrong."
Ronald E. Timm, a security professional who was the final witness, stated that security lapses at nuclear facilities pose "a serious national security problem that only Congress can solve that has the potential consequence equivalent to 9/11."
Timm, an independent contractor, performed security work for the DOE for 20 years. However, he testified, "After making my concerns about inadequate security to DOE headquarters, and the current administration, my headquarters work was terminated." He still does security work for the National Park Service and the Corps of Engineers.
From 1998 to 1999, Timm and an assistant prepared 13 classified white papers for former Secretary of Energy Bill Richardson. "These papers not only disclosed vulnerabilities, but also disclosed cheating and altering of risk ratings for various sites and the transportation division by DOE management ... Virtually nothing was done to address the high risk even though Departmental Orders require compensatory remedial actions within 24 hours of the disclosure."
Under the current administration, Timm continued, "we have raised these concerns with [DOE} Secretary [Spencer] Abraham, and once again, other than denial, nothing was done to address the concerns."
Timm also emphasized a pattern of delay: "Even with the new and simple changes to the design basis threat, the necessary implementation schedule for funding of security improvements are not required to be completed until 2009 - with the actual implementation to follow some time later!" Among the remedies he called for are accountability, "fast track" consolidation of the nation's nuclear inventory, and line item funding for physical security.
This was the public hearing, attended by only three Republicans and three Democrats. C. A. Ruppersberger (D-MD) joined the other Democrats and Michael Turner (R-OH) the other Republicans. Kucinich, a Democratic presidential canddiate who had to leave early and looked very tired, made a brief closing comment reminding the committee that the nation has these problems because of "the [Cold War] policy of our government with respect to building nuclear weapons in the first place."
"Instead of being a threat to other nations, they ended up being a threat to ourselves," Kucinich said. "Just a little thought for the day," he added.
Witnesses were asked to return Tuesday afternoon for a closed hearing on the same topic, at which classified details could be discussed. In a brief interview, Timm said that all 13 of his white papers are still classified, and added that they tend to run only about 3 pages each - "very concise," he said, smiling.
Timm said he has not devoted his attention to news reports of a Boeing 727, retrofitted as a diesel fuel carrier, that disappeared from Angola's Luanda airport in May.
Margie Burns covers Washington for The American Reporter. Contact her at firstname.lastname@example.org.