DHS utility, manufacturing security protection system blasted as useless in Senate report

America's system of so-called "Fusion Centers" established by the Department of Homeland Security (DHS) for companies like utilities and manufacturers to report incidents that may have national-security implications is operated in a way that's "shoddy, rarely timely," and "sometimes endangering citizens' civil liberties and Privacy Act protections."

MORE: Who holds IT security power? 

BACKGROUND: America's critical infrastructure response system is broken

Those were the exact words in the report issued last night by the U.S. Senate's Permanent Subcommittee on Investigations that looked into how the roughly 70 state and local Fusion Centers have operated since 2003 when these centers were set up in the hopes of information-sharing between the private sector and government on suspected terrorism or cyberattacks.

According to the report, the DHS overstated "success stories" and kept problems quiet. The Senate subcommittee's review of 13 months of reports that came from the Fusion Centers found none of them uncovered a terrorist threat or did anything to help disrupt an active terrorist plot.

Instead, the investigation says it found that nearly a third of all the Fusion Center reports of that period - 188 out of 610 - were never published for use within DHS and by other members of the intelligence community, "often because they lacked any useful information, or potentially violated department guidelines meant to protect Americans' civil liberties or Privacy Act protections."

The report accuses DHS of storing "troubling intelligence reports" from the Fusion centers on people in the U.S., "possibly in violation of the Privacy Act."

Moreover, the Senate subcommittee says the Fusion Centers, which are in part federally funded, "suffered from a significant backlog." In which sometimes hundreds of draft intelligence reports sat for months before DHS officials made a decision about whether to release them. Many reports were published months late, and even a year after they were filed making the information appear out-of-date. Most reporting was not about terrorist or possible terrorist plots, but about criminal activity related to drugs, cash or human smuggling.

Last year, the role of the Fusion Centers erupted into the mainstream news in a storm of controversy over a supposed Russian cyberattack on a small Illinois water utility that was included in an advisory from the Fusion center called the Illinois Statewide Terrorism and Intelligence Center.

Though the Fusion Centers strive for absolute silence from anyone receiving the reports, that alleged Russian cyberattack information was initially leaked by a consultant in a blog who had happened to have read it as it was passed along to him. That whole incident at the Illinois water utility turned out to be a false alarm of embarrassing proportions. The supposed Russian cyberattack turned out to be a legitimate contractor who happened to be on vacation in Russia with his family who unwisely logged into the Illinois utility's network from there without informing the utility.

The Senate subcommittee report also criticized some purchases made at Fusion Centers using DHS grant funds, noting that buying "dozens of flat-screen TVs" and "sport utility vehicles" which were given away to other agencies seemed to be unrelated to the mission of a Fusion Center, though DHS said they were allowed.

The Senate report also said interviews directly with some DHS officials did lead to admissions from them that a lot of the reporting was "predominantly useless information" and "what a bunch of crap is coming through."

The Senate report faulted the Fusion Center system for weak training before sending individuals to handle sensitive domestic intelligence and also that officials who routinely authored useful or potentially illegal Fusion Center intelligence reports faced no reprimands.

According to the report, DHS was unable to provide an accurate tally of how it actually granted to states and cities to support Fusion Centers, though came up with estimates that ranged from $289 to $1.4 billion from 2003 to 2011.

The Senate subcommittee report which also pointed out Congress has to accept its responsibility for the weak system of Fusion Centers and dubious intelligence reporting recommended that Congress and DHS look afresh at the basis for the Fusion Centers in light of the investigation into it.

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail: emessmer@nww.com.

Read more about wide area network in Network World's Wide Area Network section.

Join the CSO newsletter!

Error: Please check your email address.
Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Ellen Messmer

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place