ID theft undermining integrated terror watch lists
Interest in national ID cards could be on the rebound
October 2, 2003 12:00 PM ETComputerworld -
Despite the government's recent efforts to integrate dozens of terrorist watch list databases (see story), terrorists may still be slipping through major cracks in homeland defenses by stealing identities and using computers to create fraudulent travel documents, officials told Congress yesterday.
Testifying before the House Select Committee on Homeland Security, Ronald D. Malfi, director of the General Accounting Office's Office of Special Investigations, said that during the past three years, his staff has successfully created fraudulent identities and documents on home computers that allowed officials to do everything from entering the U.S. from foreign countries to buying firearms and gaining unfettered access to government buildings.
"We created fictitious identities and counterfeit identification documents, such as driver's licenses, birth certificates, and Social Security cards ... using inexpensive computer software and hardware that are readily available to any purchaser," said Malfi. "In March 2002, we breached the security of four federal office buildings in the Atlanta area using counterfeit law enforcement credentials to obtain genuine building passes, which we then counterfeited."
"It's relatively easy for a terrorist to pose as someone else," said Rep. Robert Andrews (D-N.J.). "And the impact is that the integrated terrorist watch list and other databases that the [DHS] is sharing with other agencies is ineffective if we're not identifying [people]."
Delegate Eleanor Holmes Norton (D-District of Columbia), a self-proclaimed "card-carrying civil libertarian," said the nature of the vulnerabilities has led her and others to rethink the issue of national ID cards.
However, Keith Kiser, chairman of the American Association of Motor Vehicle Administrators, said a national ID card is not needed and would probably require additional IT infrastructure currently not in place. Instead, Kiser argued that the IT infrastructure used throughout state motor vehicle departments to verify identities and issue valid driver's licenses should be enhanced and standardized.
Rep. Peter DeFazio (D-Ore.) asked biting questions of experts from the Department of Homeland Security (DHS) and the FBI about why retail workers at many U.S. airports are allowed to enter secure areas of the airport without having to pass the same security screening checkpoints that pilots and passengers must go through. In addition, the only security precautions taken to ensure that those workers are who they say they are is a basic name and Social Security number check, often done using driver's licenses that may or may not have been obtained legally, said DeFazio.
"Today, several hundred thousand people, who we don't know if they are the person they said they are, will file into secure areas of
Security
Additional Resources



White Papers & Webcasts
The State of PCI DSS Compliance at Organizations Today
Download this resource today!
Managing Secure File Transfer to Save Time, Money and IT Resources
Learn how companies are using innovative technology to overcome these challenges and improve user productivity by offloading e-mail attachments and replacing FTP with...
Can Heuristic Technology Help Your Company Fight Viruses?
What is Heuristic Technology and how can it help safeguard your business against viruses? Learn more.
Security Convergence Equals Network Security Cost Savings
Listen to IBM Internet Security Systems' take on network security convergence.
Why Email Must Operate 24/7 and How to Make This Happen
Learn how to avoid an email outage by implementing a hosted email continuity solution.
Lower the Cost and Complexity of a Mobile Workforce through Automation
Download This Resource Now!
Eradicate Spam & Gain 100% Asurance of Clean Mailboxes
Get this paper now!
Managing Mobility: Improve Data Security, Compliance and Manageability
Download This Resource Now!
Mastering eDiscovery: The IT Manager's Guide to Preservation, Protection & Production
Get this paper now!
Disaster Recovery 2008: Reduced Costs and Improved Performance
How long can your Enterprise afford to be without your data? With an accelerated disaster recovery program, you never have to answer this...
