By George Lobsenz
In a new flurry of all-too-familiar security and safety problems at the Energy Department nuclear weapons facility, Los Alamos National Laboratory last week acknowledged the loss of three computers and a Blackberry device and the belated discovery that some 2,000 current and former workers and visitors to the lab may have been unknowingly exposed to toxic beryllium.
As has been in the case in previous security incidents at Los Alamos, word of the missing computers and Blackberry came first from the Project on Government Oversight (POGO), a watchdog group that noted that the Blackberry had been lost in a “sensitive” foreign country that might be hungry for classified nuclear information from the New Mexico lab.
And the lab itself disclosed last week that it had notified some 1,890 current and former employees and visitors of possible exposure to beryllium–a toxic metal that can cause chronic lung disease–based on recently discovered beryllium contamination at one of the lab’s technical areas.
The new problems follow repeated cyber-security and safety breakdowns at the lab in recent years–and repeated commitments by the lab’s operator, Los Alamos National Security LLC, to prevent any further lapses in those areas.
The incidents also highlight the fact that while new Energy Secretary Steven Chu was picked by President Barack Obama for his expertise in clean energy research, DoE’s nuclear weapons complex–and Los Alamos in particular–remain the department’s biggest management challenge.
Lab officials scurried Thursday to downplay the loss of the lab computers and Blackberry, saying none of the devices contained classified or sensitive information.
“All indications are that none of the systems contained sensitive or classified information,” the lab said in a statement about three computers that were stolen from the Santa Fe home of a lab employee.
As for the Blackberry device, the lab said: “It was reported missing immediately by its owner and its connectivity to the laboratory was immediately severed. Further, we have determined that the Blackberry has not been used to attempt to connect to the laboratory. The Blackberry also did not contain any sensitive information that could be considered a breach of security.”
However, POGO released an internal Los Alamos e-mail that revealed considerable consternation about the loose computers and Blackberry among lab management and officials at the National Nuclear Security Administration (NNSA), the semi-autonomous DoE agency that oversees the nuclear weapons complex.
“This is garnering a great deal of attention with senior management as well as NNSA representatives,” said the Jan. 27 e-mail, which also suggested that the lab had failed to keep proper track of what computers are removed from the lab–and what information is in those computers.
The e-mail said the incident showed the need for a “risk-based” analysis of all offsite equipment, including any case where an employee has taken more than one computer offsite.
Further, the e-mail noted: “In order to perform such a review, we need confidence that we in fact know what equipment is offsite, and have confidence that the associated property removal paperwork is in order.”
In that regard, the e-mail suggested that the lab might be in violation of a 2007 compliance order issued by DoE to the lab demanding that Los Alamos improve its computer tracking and cyber-security procedures.
Specifically, the e-mail said the lab needs to know that “offsite computing systems have in fact been entered into the Hostmaster data base (which is a requirement of the 2007 DoE compliance order, whether or not the system is on-site and whether or not it will ever be connected to a network).
“Unfortunately, the case of the stolen computers suggests that 1) our property removal paperwork (and related entries in the…property database) may not be complete, and 2) some offsite systems may not be in the Hostmaster database.”
The beryllium incident appears to suggest a breakdown in hazard identification and safety management compliance at Los Alamos, which is supposed to rigorously check production facilities for nuclear and toxic contamination to ensure proper safeguards are taken to protect workers and visitors. Despite those requirements, Los Alamos has had repeated similar episodes in recent years in which there were lapses in worker protection.
The lab said the potential beryllium exposures were belatedly discovered in November and December of 2008 when industrial hygiene sampling at Los Alamos’ Technical Area 41 identified the presence of the toxic metal on some surfaces.
“Access was immediately restricted and posted as a beryllium contamination area,” the lab said in a statement. “Decontamination of the facility has begun and should be completed by February.”
The lab estimated that of the 240 employees who worked at the facility, less than 2 percent faced potential health risks. And it said the chances were “extremely low” that any of the roughly 1,650 visitors to the facility would develop health problems because they were in the facility for only a short period of time.