The “lockup” system used by USDA to avoid advance release of secret crop statistics is rife with vulnerabilities, according to an internal report.
Crop information compiled by the agency’s National Agricultural Statistics Service can affect prices for commodities traded in the futures market.
Prior to the official release of such data, NASS must keep the information confidential to prevent anyone from making illicit trading profits.
Under the “lockup” system, two floors at USDA’s headquarters in Washington, D.C., are locked and guarded.
Only authorized people are allowed within the lockup area while the final crop reports are aggregated and nobody can leave until they are officially released.
During that time, telephone and computer systems are disconnected from the outside world and wireless devices are prohibited.
However, a recent audit by USDA’s Office of Inspector General found numerous chinks in this armor.
“As a result of these weaknesses, sensitive market information could be compromised or leaked before the official release of data, which could adversely affect NASS’ mission and equitable trading in the commodity markets,” the report said.
• Auditors twice entered the lockup area carrying cellphones in their pockets with “minimal effort” and sent text messages from the facility.
The agency is supposed to monitor for wireless devices in the lockup area, but the text messages went unnoticed.
Technology used to detect cellular signals in the facility couldn’t accurately locate them.
For instance, the software will detect devices operating on another floor of the building that’s not within the lockup facility.
“Therefore, NASS staff cannot be certain when and if any cellular activity is occurring in lockup, as the software continually detects signals,” the audit said.
• Visitors to the lockup area can’t bring devices with cellular capabilities, but the auditors saw a reporter using a wireless iPad tablet computer in the facility.
Upon signing in to enter the area, the reporter had claimed not to have a wireless device.
Lockup procedures require USDA staff to watch reporters to ensure wireless devices aren’t being used, but auditors found such monitoring to be lax.
Auditors showed NASS officials the incident on a security video, after which the reporter’s news organization was suspended from the facility.
• Guards repeatedly let auditors enter the lockup area with expired passes and without verifying the names on their security badges.
Visitors also entered the lockup area without signing in as required and nobody instructed them to do so.
“If an accurate record is not kept, NASS will not have a record of all individuals present in the event of an emergency, or be able to hold those individuals accountable in the event of a security breach,” the report said.
• Numerous people who were no longer NASS employees were still included in a key card access database.
The agency lacked a documented process of removing former employees from the database and didn’t reconcile it with a list of current employees.
“As a result, unauthorized and terminated employees could still gain access to restricted areas,” the report said.
• An internal USDA review previously documented three cases in which press articles about crop statistics written by news reporters in the secure area were released before the official reports.
Though the review found “equipment malfunction” to be the culprit, the audit report said similar problems still occur.
Due to computer “connectivity issues,” for example, an official NASS report was delayed by four minutes while press articles went out immediately.
“Since markets can have an immediate reaction to the reports, this reinforces the need for timely dissemination to all members of the public — not just those with news organization subscriptions,” the report said.
• Auditors walked into a room that contained a special server for crop statistics without having to log their visits.
“In the event that the server equipment was tampered with or changed, NASS would have no record of individuals that could be responsible,” the audit said.
• Confidentiality agreements were only signed as required by three out of 41 employees participating in lockups reviewed by auditors.
Supervisors weren’t properly checking employee records to ensure such confidentiality deals are signed each year.
In a response letter to the audit, NASS Administrator Cynthia Clark said the agency is complying with recommendations in the report.
For example, all lockup entrants must now pass through an “electronic screening device” purchased by the agency to preclude prohibited devices.
The agency also asked for permission to block cellular signals from the area, but the National Telecommunications & Information Administration denied the request, she said.
“NASS will continue to investigate mitigation strategies for limiting cellular access,” Clark said.