Privacy SOS

Booz Allen, former Snowden employer, to receive DHS contract for government network security operations

The government is planning to spend billions of dollars to provide 'continuous monitoring' of internet and network traffic for federal civilian agencies. Naturally, the money will go to private contractors. From NextGov:
The Homeland Security Department chose 17 vendors for a potential $6 billion network threat-monitoring project that will offer all civilian agencies the services at no cost to them, DHS officials said on Tuesday. 
The winners include big name federal contractors, such as IBM, General Dynamics and Lockheed Martin. Also on the list is Booz Allen Hamilton, which employed ex-National Security Agency consultant Edward Snowden at the time he stole files on domestic surveillance programs from NSA systems. Snowden, now fired from Booz and seeking refuge in Russia, faces extradition to the United States on espionage charges. 
The Obama administration has called for “continuous monitoring” since 2010, but many agencies do not have the expertise or funding to manage the near real-time scrutiny required. Almost a third of agencies went without continuous monitoring programs in 2012, according to federal inspectors general.
Each vendor will offer agencies a menu of sensors, risk-status displays and professional consulting services from subcontractors such as McAfee, ForeScout and Veracode, according to company officials and a vendor solicitation released in late 2012. 
Cloud providers — such as Amazon — that rent data centers to the federal government will have the option to order these “continuous monitoring as a service” bundles, DHS officials have said. 
When the project was announced last year, executives at Booz Allen said their bid for the work would highlight the firm’s own internal continuous monitoring system. Booz Allen officials were not immediately able to comment on Tuesday.
Well, would you look at that: Booz Allen is one of the companies receiving millions of dollars to run network security (or 'continuous monitoring') operations for civilian federal agencies, having successfully touted its internal monitoring system to prove its bona fides. That, of course, was before Edward Snowden, a former Booz Allen employee, embarrassed the company by demonstrating that its internal monitoring system doesn't even stop its own employees from taking sensitive government information to Hong Kong and giving it to a newspaper.
In any other circumstances, you might expect that the government would take an interest in investigating the role that the company's failed security measures played in this massive breach. But luckily for Booz Allen and lots of other extremely rich corporations, the government doesn't seem to have much of an interest in holding intelligence and military contractors accountable for their mistakes. It makes me wonder what it would take for the government to actually get upset with one of these companies and cut some contracts. Sure seems like the tail is wagging the dog.
Stranger things have happened. The government gives 70% of its federal intelligence budget to private contractors, meaning not only that the establishment relies on them, but also that those companies know an awful lot. Information is power. After all, Edward Snowden said that he could wiretap the president from his Booz Allen terminal.

© 2021 ACLU of Massachusetts.