Archives
- July 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
- March 2007
Categories
- Congress
- Defense
- General News
- Health
- Health IT
- Homeland Security
- IBM suspension
- Industry
- Info Security
- Intelligence
- International
- IT management
- Law
- OMB
- Oversight
- Policy
- Politics
- Privacy
- Procurement
- Program Management
- Project management
- Risk management
- Security
- Spending
- State and Local
- Technology
- Telecommunications
- Tip Thursday
- Virtual World
- Web
- White House
- Wireless
- Workplace
What's happening in the federal IT community
By Thursday, October 11, 2007 | 11:29 AM
An article on a Web site operated by the Detroit Free Press about a driver's license fraud scheme in Michigan's Secretary of State's office raises an interesting question.
This month, a pair of Michigan state employees was caught selling fake driver's licenses, license plates and vehicle registration tags. The employees would identify a customer interested in obtaining the fake licenses and registration, would take the person's photo and then "use the name and personal information of an unwitting person already in the Secretary of State computer system" to produce the fake documents, according to the article.
This is the unnerving part: "The case broke after a sheriff's deputy noticed a fraudulent temporary license plate during a routine traffic stop," according to the article. The two employees' illegal activity on the state computer system was never flagged by the network. With the knowledge that most computer crimes come from within an organization, not from outside hackers, why wasn't the state system programmed to flag this unusual activity?
In addition, the article quotes Wayne County Sheriff Warren Evans musing about how "it is incredible in a post-Sept. 11 world that a government employee would provide anyone with picture identification under a false name." Maybe it's not that incredible, as illustrated by this Washington Post article. (As was the situation in the Michigan fraud case, this case was not broken by the state Department of Motor Vehicles but by the U.S. State Department's Bureau of Diplomatic Security.)
In the end, this Michigan case is what the Homeland Security Department can point to in its ongoing effort to enforce Real ID.
Comments
It is not bombs and computers that bring us harm but the people who operate them. The challenge for every DMV will remain to find honest people accessing computer systems until the US finally has adopted in the Real ID Program the platform called "smart wallet" by National Institute of Standards and Technology in its Biometrics and Security Systems and Applications Program. The smart wallet is a tiny electronic wallet that digitizes the drivers' license and securely stores it within the wallet. Once plastic has been updated to become a digital ID it is easy to prevent duplicates from being issued.
The first explanations of why the smart wallet was booted from the forerunner spot based on merit in every federal identification credentialing program since 2002 hopefully will emerge in the trial of Randy Cunningham's coconspirator # 1, Brent Wilkes and the CIA's former Executive Director, Dustin Foggo in San Diego. This trial is to succeed the current Wilkes bribing Randy Cunningham trial.
Dawn | Tuesday, October 23, 2007 | 10:00 AMThis is an example of the little brother problem. Financial, medical, and other computer systems are operated by lots of hired help, little brothers.
People soon learn the nitty gritty details and how to find interesting tid bits, pull mischief etc.
Wise Old Owl | Friday, October 12, 2007 | 8:03 AM