OIG Report on FBI Dysfunction in Hanssen Case

[Marty]

http://www.usdoj.gov/oig/special/03-08/index.htm

This unclassified "executive summary" describes a nearly dysfunctional FBI where handling of security was an afterthought! You will not believe the incompetence described in this report. For example:

After learning that its two most important KGB assets had been arrested, the FBI formed a six-person task force to determine how they had been compromised and whether an FBI mole was responsible. In the course of its review, the Task Force discovered that because of poor document controls and violations of the "need to know" principle it was impossible to determine who within the FBI had had access to the Motorin and Martynov cases. Accordingly, no FBI employee with knowledge of these assets was investigated. Nonetheless, in September 1987 the Task Force issued a final report stating that there was no evidence of a Soviet spy in the FBI.

And of course guess what seems to be the first avenue of approach to fixing this disaster? I'm sure you are way ahead of me:

IV. Summary of the FBI's Security Programs During Hanssen's Career

The Hanssen case highlighted significant, longstanding deficiencies in the FBI's internal security program, many of which were brought to the attention of FBI management over the years but were not corrected. Historically, the FBI has not been in compliance with Executive Orders, Justice Department regulations, and Intelligence Community standards regarding internal security. Although we found that the FBI has taken many important steps to improve its internal security program since Hanssen's arrest - including the implementation of a counterintelligence-focused polygraph examination program, the development of a financial disclosure program, and the creation of a Security Division - some of the most serious weaknesses still have not been fully remedied. These weaknesses expose the FBI to the risk of future serious compromises by another mole.

Before Hanssen's arrest, the FBI's security program was based on trust. Rather than taking the sort of proactive steps adopted by other Intelligence Community components - such as requiring regular counterintelligence polygraph examinations, financial disclosures, and meaningful background reinvestigations, and utilizing audit functions regarding computer usage - the FBI trusted that its employees would remain loyal throughout their careers. The Hanssen case shows the danger of that approach.

The poly was front and center in the initial FBI response but there is a pretty detailed set of rec's at the end of the report that one can only wish had been in effect 20 years ago. One only hopes they don't use the poly as a sort of cure all and impliment these.

Thanks to counterpane.com for the link.

-Marty