FBI investigating NASA whistleblower reports of Chinese data breach

nasa china spy

Federal News Radio: The congressman who oversees the committee that funds NASA says the FBI is looking into whistleblower reports that the agency allowed a Chinese national inside access to sensitive information, and that the data may have made its way back to the Chinese mainland.

Rep. Frank Wolf (R-Va.) said he turned the allegations over to the FBI after employees at NASA’s Langley Research Center in Hampton, Va., approached him, claiming that higher-ups had authorized the hiring of a contractor employee connected with an organization within China that federal agencies already had red-flagged as a potential national security threat.

Wolf said the reports came to him from “a number” of career civil servants within NASA.

“They were documents and lists of names. I can’t get into it much more than that because the FBI is looking at it, but it was shocking. When I saw it, I couldn’t believe it,” Wolf told reporters at the Capitol Thursday. . . .  (Read more)

Lawmaker: NASA broke law with visits by China officials

USA Today: A congressman says NASA broke a national security law last year by failing to notify Congress about two visits Chinese officials made to the Kennedy Space Center in Florida — a charge the agency flatly denies.

Rep. Frank Wolf, R-Va., said the visits — one in June and one in December — were barred by a measure he authored in 2011 requiring NASA facilities such as Kennedy to give lawmakers at least 14 days notice before hosting “official Chinese visitors.”

“We say, ‘Let us know. Notify us.’ And they did not,” Wolf said at a Capitol Hill news conference. “I do believe that was a violation of the law.”

The visits to Kennedy are part of what Wolf calls a troubling pattern of security lapses at NASA centers. . . . (Read more)

WOLF REVEALS MORE POTENTIAL SECURITY VIOLATIONS AT NASA CENTERS AT PRESS CONFERENCE

Washington, D.C. (March 7, 2013) – Rep. Frank Wolf (R-VA), chairman of the House Appropriations subcommittee that funds NASA, today held a press conference to discuss another potential security violation at NASA, this time at NASA Langley Research Center.

Wolf also made several recommendations aimed at enforcing – and reforming – the agency’s security protocols.

Wolf has been a driving force in the effort to address security threats at the NASA Ames Research Center, including the possible leak of classified information.

The charges against NASA Ames were raised in a February 8 letter Wolf and Rep. Lamar Smith (R-TX), chairman of the House Science Committee, sent to FBI Director Robert Mueller and Department of Justice Inspector General Michael Horowitz.

Wolf, Smith and Sen. Chuck Grassley (R-IA), ranking Republican on the Senate Judiciary Committee, sent additional letters to other Department of Justice officials in late February.

The full transcript of Wolf’s remarks is below.

The Hon. Frank R. Wolf Press Conference on NASA Security Violations March 7, 2013

Thank you all for attending today.  I will read a brief statement and then take questions.

As chairman of the House Commerce-Justice-Science Appropriations Subcommittee from 2001-2006 and again since 2011, I have the opportunity to conduct oversight of the agencies we fund that have diverse and interrelated jurisdictions.

For this reason, this subcommittee has a unique perspective on security, trade and science issues – including how these issues overlap with each other.

For many years, based on the information I have learned in my capacity as subcommittee chairman, I have spoken out publicly about the Chinese cyber espionage threat and its impact on our security and economy.

I have also seen how it is undermining U.S. efforts to develop competitive advantages through our investment in basic science and cutting-edge technologies, like aerospace.

Simply put: through its oversight work, this subcommittee has a unique understanding of how we invest in basic research and technologies at NSF and NASA to keep America competitive; this investment’s impact on job creation and our balance of trade through the Commerce Department and Trade Representative’s office; and we also see through the FBI’s investigative efforts how cutting-edge research developed through public and private investment is stolen by other countries, especially China.

Above all, in this capacity I have a clear picture of the Chinese government’s systematic and aggressive efforts to steal our sensitive technology and undermine U.S. competitiveness.

This theft concerns me for many reasons, not least of which because, as chairman, I have tried to divert increasingly scarce resources in the appropriations bill to continue to increase funding for NSF and invest in NASA and NIST.  In fact, this committee has funded NSF’s basic science at all-time high; despite significant cuts to our budget allocation.

I have prioritized science and research funding because I know how critical these investments are to keeping America competitive and the world leader in these fields.

I have another unique perspective on the threat from the Chinese government as a result of my many years of international human rights work.   In my capacity as co-chairman of the Congressional Tom Lantos Human Rights Commission, I have also worked closely with many victims of repression by the Chinese government, including many Chinese people who have sought asylum in the U.S.

The Chinese people are good people who yearn for freedom and the same universal human rights that we in the West enjoy, including freedom of speech and religion.   In contrast, the Chinese government is fundamentally corrupt and systematically abuses the basic human rights of its own people.

We only need to ask the Catholic bishop under house arrest, the house church pastor languishing in prison, the Tibetan monk willing to set himself aflame in desperation at the abuses suffered by his people.

It is these experiences that inform my efforts as chairman of this subcommittee and have resulted in the bill and report language we have carried to help agencies better mitigate potential threats, including the 2011 statute restricting NASA’s collaboration with the Chinese space programs, which is run by the People’s Liberation Army.

Again, this is the same Peoples’ Liberation Army that is responsible for the repression of the Chinese people, including brutally opening fire on Tiananmen Square protestors in 1989, and for the espionage operation targeting our country.

Although much of my concern about the Chinese espionage threat and its impact on the U.S. economy and job creation has been informed by closed briefings on this threat, this information has increasingly been discussed in the public and media.

In fact, over the last several weeks, the press has reported extensively on the growing and serious cyber espionage that has been targeting U.S. government agencies and our private sector. The Washington Post, New York Times and Wall Street Journal, among many other newspapers, have been targeted by Chinese state-sponsored cyberattacks and espionage.

Following the release of the report by the U.S. cybersecurity firm, Mandiant, documenting the connection between these attacks and the Chinese Peoples’ Liberation Army, the American people now have a clear picture of the serious threat our country faces from Chinese espionage operations.

My congressional office’s computers were targeted and attacked by the Chinese in 2006, and I spoke out publicly on the House floor in 2008 about what had happened – over the objections of many federal agencies at the time.

But now, years later, we’re finally having the national conversation about Chinese espionage; it’s a national conversation that is long overdue.

In recent years, government officials have testified how untold billions of dollars’ worth of U.S. trade secrets have been stolen by China and other foreign states.

This has a real and corrosive impact not just on our national security, but also on our ability to compete and grow our economy.  The result of this theft is fewer jobs for American workers.

In late 2011, the Office of the National Counterintelligence Executive released a report for foreign spies in the U.S.  Not surprisingly, much of the report focused on China’s espionage operations.

According to the report, Chinese espionage efforts “combine collection of open source information, [human intelligence], signals intelligence, and cyber operations” to “develop a competitive edge over the United States.”

The report also explicitly notes that Chinese views itself as a “strategic competitor” of the U.S. and is one of the “most aggressive collectors of U.S. economic information and technology.”

In response to the public attention to the Chinese espionage threat, last month the White House released a white paper detailing its strategy to mitigate the theft of trade secrets.

Notably, of the 19 trade secret espionage cases that have been brought under this administration, 16 of the 19 cases involved Chinese nationals spying for Chinese institutions. 

That’s 85 percent of all DOJ espionage cases that have involved China.

That is why I, along with Chairman Lamar Smith and Senator Chuck Grassley, have been working together to address the concerns at Ames Research Center, that involve the potential release of very sensitive military technology to foreign countries.  These efforts have been reported extensively in the press and there is more to come on this effort.

Based on information provided to us by people close to the situation, I believe national security technology may have been compromised and there are questions about the response from the center’s leadership.

Additionally, we have concerns about whether political pressure at the Justice Department may have led to the decision not to prosecute after more than three years investigation by the FBI and the Department of Homeland Security.

As a result of the press coverage of the work we have done concerning Ames, I was recently contacted by whistleblowers who provided me with a report alerting me to a very potential situation at NASA Langley Research Center involving a Chinese national who was allegedly provided access and information he should have otherwise been restricted from receiving.

It is my understanding that this Chinese national is affiliated with an institution in China that has been designated as an “entity of concern” by other U.S. government agencies.

That is why I was deeply concerned to learn not only was he provided access and information he never should have received – working directly on technology that may have national security implications — but he was also allegedly allowed by both NASA and his contractor to take his work and volumes of other NASA research back to China for a period of time, as documented in an investigative report I received.

The reason this is so important is that the president’s own strategy on mitigating the theft of U.S. intellectual property specifically singled out  “unmanned aerial vehicles, and other aerospace/aeronautic technologies” and “civilian and dual-use technologies in sectors likely to experience fast growth” as information of the greatest interest to foreign spies, including China.

These technologies are, literally, the very programs that NASA Langley and other NASA centers are working on.

Even more troubling is that this Chinese national was allegedly employed by a Langley contractor allegedly at the direction of NASA officials in an apparent attempt to circumvent appropriations restrictions the Congress has in place to prevent the hiring of certain foreign nationals of concern.

Additionally, it is my understanding that NASA spent several hundred thousand dollars to pay for this individual’s contract.

I have also received information that at least several dozen other Chinese nationals – none of whom have U.S. citizenship and many who do not even have green cards – are currently working at Langley under a similar scheme.  I worry that this “workaround” of Congressional restrictions may be happening at other NASA centers too.

To summarize: NASA officials spent several hundred thousand dollars to hire a Chinese national affiliated with an “entity of concern” at a federal center that is developing technologies that are priority targets for the Chinese government.

I think most Americans would be very concerned to hear this.  And they would want Congress and the administration to deal with this immediately.

That is why today I am writing both the FBI Director and the U.S. Attorney for the Eastern District of Virginia to urge them to fully investigate this case both for the national security concerns as well as whether any NASA officials conspired to violate federal law restricting the hiring or access for foreign nationals.

Additionally, in the course of learning about this situation at Langley, I was alerted to another troubling instance where thousands of declassified but extremely sensitive documents were posted on a NASA Web site inappropriately.  These unclassified but sensitive documents were available for the world to access, including countries of concern like China and Iran.

There are reports that this Web site was accessed extensively from foreign countries of concern.  This Web site is still active and should be taken down immediately and should undergo appropriate security reviews.

In light of these troubling security lapses at Ames and Langley, I am deeply concerned that these cases are just two examples that have come to light representing a much deep problem at NASA – a management culture shared by some in the agency that turns a blind eye, or in some cases may outright encourage, violations of security regulations.

This concerns me and should concern all Americans.

Now, I want to credit the brave whistleblowers throughout NASA – and there have been a number – who have contacted me and others in Congress to alerts us to these violations.  I know that most NASA employees work tirelessly to try to do the right thing and protect U.S. technology because they know how important it is to our country and the agency.

Fundamentally, I don’t believe the problem is that there are insufficient laws to protect this information, although I am willing to work with the administration and my colleagues in Congress to strengthen these laws, if necessary.

Instead, it’s really a matter of will.

It’s clear there are some in NASA’s management who do not appreciate the seriousness of these security issues on this agency.

It’s time for NASA to take this threat seriously.

It’s time for NASA to fully enforce current laws and security policies.

And it’s important that NASA hold those who don’t enforce these laws or policies fully accountable.

That is why today I am announcing a series of seven steps I am calling on the Administrator to immediately implement to address the systematic security issues that are coming to light as a result of the Ames investigation:

First:

The Administrator should immediately appoint an independent, outside panel to comprehensively review and audit security protocols and enforcement, including foreign national access and export controls, at every NASA center and headquarters.

The panel should have unrestricted access to center personnel and records and report back to the Administrator and Congress within six months on its findings and recommendations.   Additionally, the panel should solicit input from the Department of Defense, the FBI and other agencies with expertise in counterintelligence and export control as part of its review.

I believe the National Academy of Public Administration (NAPA) would an appropriate outside authority to conduct this review, and it should be chaired by someone with a strong security background, like former Attorney General Dick Thornburgh or someone else of his stature.

There is ample precedent for the Administrator to convene such an independent review.  Following the Fort Hood terrorist attack in 2009, the FBI Director asked former CIA and FBI director William Webster to chair an independent review panel that had unrestricted access to the FBI, which produced an excellent report that documented problems and made some important recommendations.

Second:

NASA should immediately take down all publicly available technical data sources until all documents that have not been subjected to export control review have received such a review and all controlled documents are removed from the system.

Additionally, NASA should provide the Defense Department, Commerce Department, State Department and the Congress a detailed disclosure report describing any documents found to have been inappropriately made available and determine which countries of concern that have accessed these controlled documents.

Third:

NASA should immediately review all foreign nationals with current NASA credentials — especially those that have been on site for extended periods of time — to identify and remove any individuals with ties to organizations or foreign governments designated as counterintelligence threats, including designated “entities of concerns” or any Chinese national with a professional tie to an institution connected to the Chinese government.

Additionally, NASA should conduct an exhaustive counterintelligence review and consider increasing the counterintelligence capabilities in light of the foreign national presence in NASA programs.

Fourth:

NASA should impose an immediate moratorium on the granting of any new credentials to foreign nationals of designated countries of concern until after the imposition of stronger background check requirements in order to capture potential disqualifying factors that may not become apparent through the minimal reviews currently performed.

Potential disqualifying factors must include ties to organizations or foreign governments designated as counterintelligence threats, including (per section 539 of P.L. 112-55) professional ties to institutions connected to the Chinese government.

Fifth:

NASA security, working with outside law enforcement counterparts, should impose criminal sanctions against anyone who has knowingly violated security-related laws and regulations, and impose administrative sanctions against those who unintentionally violate such laws and regulations.

Sixth:

NASA should immediately implement new training for agency employees to reduce or eliminate instances in which security-related laws and regulations are violated accidentally.

And, finally, seventh:

I am prepared to approve a reprogramming from NASA to reallocate additional funding and staffing for agency security-related functions, including center security, export control and counterintelligence.  There is no reason that these positions at any center or headquarters should not be fully staffed and resourced.  This should be a top priority.

I look forward to NASA’s prompt action to implement these reforms and this committee is prepared to work with the agency to ensure these steps are taken promptly.

Again, I believe that most NASA employees and contracts are good people who take these issues seriously.  They want American to be number one in space and aerospace – and they take security seriously.

However, for those people who aren’t, it’s important that NASA move quickly to enact these reforms so we keep America’s technology protected, and don’t share it with countries that are hostile or don’t share our values.

In addition to keeping our nation safe, this is also about creating and preserving American jobs.  If we can’t keep cutting-edge technology protected from espionage, we will never be able to commercialize it and create the jobs our country needs.

I think all Americans understand how important that is.

I would now welcome any questions.

 

 

 

Testimonials
CI/SECURITY ARTICLES
Threats are Out There