Vetting Systems Crashes = Security Threat

Thomson Reuters reports that the computer system used by U.S. Customs and Border Protection (CBP) to screen international travelers went down on New Year’s Day. Immigration officers were unable to access screening databases for approximately two hours. The outage caused delays at a number of airports across the country – including some of the nation’s busiest, such New York, Atlanta, San Francisco and Denver – but does not appear to have been a major obstacle to holiday travel.Average Americans, however, should be concerned about the impact on national security. In the years since the September 11, 2001 terror attacks, the United States has built up an impressive array of law enforcement databases. But they are about as useful as an umbrella in a sandstorm if immigration officers cannot access them.According to agency representatives, “CBP officers continued to process international travelers using alternative procedures at affected airports.” But one wonders how effective such “alternative procedures” are when compared to the highly efficient, multi-database checks that can be conducted employing the computing power of a modern IT network.And this is merely the latest in a series of continuing vetting problems experienced by DHS. It is the second outage experienced by CBP within the last year. And U.S. Citizenship and Immigration Services (USCIS), the agency responsible for vetting naturalization applicants, has experienced similar IT-related problems.DHS does not believe this outage was the result of a malicious attack. However, that may be cold comfort. If CBP can’t keep its systems up and functioning, an adversary doesn’t need to hack into them and look for ways to bypass security measures – it just needs to figure out how to make them crash.CBP, and all the other immigration agencies within the Department of Homeland Security (DHS), should regularly be investing in both IT infrastructure and cyber-security programs. The successful performance of security vetting functions, particularly during national emergencies, is dependent upon secure systems that are both resistant to crashes and protected against hacking.In an age when billions of dollars worth of purchases are made daily via the internet, it boggles the mind that a federal law enforcement agency, with a $14 billion budget is running computer systems that seem to be about as secure and reliable as a 1980’s Commodore 64 with a dial-up modem.