In November 2015 the Center for Public Integrity published an article about two defense contractors who were subcontracting work to a group of Russian programmers. The Russian programmers cost 1/3 as much as their American counterparts; they also managed to infect the Defense Information Systems Agency (DISA) network with a number of viruses.
So much for requirements that “only U.S. citizens with approved security clearances work on classified systems”.
After reading this article, I filed a FOIA request with DISA:
Defense Information Systems Agency
ATTN: Headquarters FOIA Requester Service Center
P.O. Box 549
Ft Meade, MD 20755-0549
Dear FOIA Public Liason,
This is a request made under the Freedom of Information Act. I am seeing the following records:
- The whistleblower report(s) provided by John C. Kingsley, regarding the use of Russian programmers in the development of a Pentagon communications system. See http://www.publicintegrity.org/2015/11/04/18828/security-breach-russian-programmers-wrote-code-us-military-communications-systems.
- Executive summary documents, describing the system in question.
I am making this request for personal, non-commercial use.
Please advise me if processing costs will exceed $25.00.
I prefer to receive responsive documents in electronic form. Responsive documents can be emailed to steve@… or mailed to the return address above.
DISA responded four months later. Sadly, no documents for me.
FOIA No: 16-07
Dear Mr. Revilak:
This letter is in response to your Freedom of Information Act request for copy of the Whistleblower report provided by John C. Kingsley regarding the use of Russian programmers in the development of a Pentagon communications system and the executive summary documents describing the system in question.
Please be informed that the above requested report and all records pertaining to it are currently a part of an ongoing and or pending investigation; therefore, we are denying all records pertaining the report pursuant to 5 U.S.C. Sec. 552 b(7)(A).
Exemption 7 (A): Exempts information, which, if released, could reasonably be expected to interfere with ongoing and or pending law enforcement proceeding.
You may appeal this denial by writing to the General Counsel, Defense Information Systems Agency, P.O. Box 549, Ft. Meade, MD 20755, within 60 days of your receipt this letter. Both the letter and envelope should be clearly marked “Freedom of Information Act Appeal.”
This concludes the initial determination by this agency. If this agency can be of further assistance, please do not hesitate to contact Robin M. Berger, FOIA Manager on (301)225-6104.
Not only is the whistleblower report classified, but any documents describing the system are classified too.
This yet another example of how our defense industry is a racket. The defense contractors in this case are Netcracker and Computer Sciences Corporation (CSC). Netcracker is a privately-held company in Waltham, Massachusetts and CSC is a publicly held-corporation in Virginia Falls, VA. Since CSC is public, we can get a glimpse into their company via SEC filings. In their last annual filing, CSC included the following as “risk factors“.
- Contracts with the U.S. federal government and related agencies account for a significant portion of our revenue and earnings. Roughly a third of their revenue comes from Federal government contracts, and they’re worried about the debt ceiling.
- Our contracts with U.S. government agencies are subject to regulations, audits and cost adjustments by the U.S. government, which could materially and adversely affect our operations. Yup, like when you get fined for inappropriate outsourcing.
- Our ability to perform services for certain of our government clients is dependent on our ability to maintain necessary security clearances.
This is one of the problems with the current trend of outsourcing defense work. First and foremost, a publicly-traded company is responsible for generating shareholder profits. That’s what CSC did here — they outsourced to cut expenses and increase their margins; the profit motive clearly took priority to the classified nature of the system they were contracted to develop. They got away with a slap on the wrist — a $1.3M dollar fine, with no admission of wrongdoing. (Netcracker agreed to pay a $11.4M dollar fine, again with no admission of wrongdoing).
That seems to be the trend these days. When corporations break the law, there’s a small fine, no admission of guilt, and no criminal charges. It’s just the cost of doing business.
As for us citizens, we’ll never get to know what all those classified dollars are being spent on.