GAO report: Insider attack prevention measures should be shared better
The Department of Defense has taken steps to detect and prevent so-called “insider attacks” in domestic U.S. military facilities in the wake of deadly shootings in 2009 and 2013 but needs to share such best practices more consistently, according to a Government Accountability Office report.
An insider threat is when someone uses authorized access to breach security and do harm. Insiders are often aware of a facility’s vulnerabilities, such as loosely enforced procedures or exploitable security measures, said the report, issued Thursday.
For example, on Nov. 5, 2009, an Army officer shot and killed 13 people at Fort Hood, Texas. In September 2013, a Navy contractor killed 12 civilian employees and contractors at the Washington Navy Yard in Washington, D.C.
The report does not address assaults on military installations by outside attackers, which was apparently the case when a 24-year-old gunman killed four Marines Thursday at the Navy Operational Support Center and Marine Corps Reserve Center in Chattanooga, Tenn. The fenced facility had unmanned gates and concrete barriers designed to slow but not stop incoming traffic, according to news reports.
After the Navy Yard attack, all Marine Corps installations now conduct active-shooter training during annual exercises, the GAO report said. The DOD has established a department-wide insider threat program that identifies policy and assigns responsibilities, directing that the department’s policies be evaluated and modified to address insider threats, the report said.
GAO investigators visited eight U.S. installations: Fort Hood; Rock Island Arsenal, Ill.; Washington Navy Yard; Naval Submarine Base New London, Conn.; Peterson Air Force Base, Colo.; Joint Base San Antonio, Texas; Marine Corps Base Quantico, Va.; and the Pentagon.
They found that a broad array of actions had been taken to protect against insider threats. Among them were establishing rules and policies, such as screening non-DOD personnel accessing installations; conducting internal spot checks; conducting risk assessments; training and equipping response personnel; and developing cooperative agreements with local law enforcement agencies and first responders.
“While the U.S. installations we visited have taken actions to protect against insider threats, military services have not consistently shared this information across the department because DOD officials are not consistently using existing information sharing mechanisms,” the report said. “Such mechanisms include working groups, conferences, lessons-learned information systems, and antiterrorism web portals.”
As of May, some DOD force-protection guidance documents still had not incorporated insider threat considerations, and the department did not have a policy on when DOD military and contractor employees should report individuals seen carrying weapons on an installation, the report said.