Fair Use Notice
Source: E-Wire Press Release
E-WIRE PRESS RELEASE
FOR IMMEDIATE RELEASE
Statement by The Chemical Manufacturers Association
ARLINGTON, VA, Feb 17, -/E-Wire/-- The following statement was issued today by Jim Solyst, co-leader of the Chemical Manufacturers Association's Information Management and Right to Know Team, following news that the Environmental Protection Agency had temporarily shut down its public Internet sites because of concerns the sites may have allowed unauthorized users access to the sensitive business information U.S. firms provide the agency each year. The General Accounting Office (GAO) recently conducted a test of the agency's computer firewall system. GAO was reportedly able to penetrate and take over the EPA system, gain access to sensitive information and learn the passwords of a number of EPA employees. On February 7, CMA asked the agency to determine whether any of this information has been compromised by attacks on the agency's computer system. The agency has not responded to CMA's request. For additional information on this subject, contact Jeffrey C. Van at 703-741-5802.
Under the circumstances, EPA had no other real alternative than to temporarily shut down the sites. Apparently, the agency has some big holes in its computer security system that must be plugged. The consequences of not doing so are potentially very high.
Economic espionage is a booming business-and a growing threat to America's economic security. America is the No. 1 target of economic spies. It's estimated that economic espionage is already costing the American economy more than $300 billion a year, which is triple what it was only a few years ago. Increasingly, economic spies, many of whom work directly for foreign governments, are using the Internet to gain access to American businesses' most valuable business data. The EPA, like other government agencies, is required by law to protect this data.
There is growing concern about EPA's ability to manage information and ensure its security. In 1997, for example, the agency's inspector general found that EPA "had not sufficiently developed or implemented adequate controls to prevent or detect improper/illegal access to its systems from the Internet." Apparently, the General Accounting Office discovered the problems to be considerably more serious. And last fall, the Senate Appropriations Committee expressed concern about EPA's computer security system and its overall data management process. We believe it's time for the agency to adopt an institutional framework that will fix these problems and prevent them from happening again.
EPA has a responsibility to be good stewards of the information that businesses provide it each year. There are real consequences when the agency does not meet that responsibility. In this case, the potential is harm to the nation's economy, many U.S. businesses, and American jobs.
Hopefully, the agency will work with GAO, Congress and stakeholders to develop a formal process to ensure that information is secure and managed properly and to reassure the public that sensitive business information is secure.
SOURCE: Chemical Manufacturers Association
CONTACT: Jeffrey C. Van of Chemical Manufacturers Association at 703-741-5802.