US Navy searches for hundreds of missing computers

At least 595 laptops and desktops belonging to the US Navy's Pacific Command in Hawaii have been potentially lost or compromised,...

At least 595 laptops and desktops belonging to the US Navy's Pacific Command in Hawaii have been potentially lost or compromised, according to an internal report that detailed the service's inability to account for hundreds of computers, some of which contained classified data.

The audit, conducted in July by the Naval Audit Service and obtained last week by a defence industry trade magazine despite Navy efforts to block its release, concluded that the mishap poses a "threat to national security".

The report identified failures and breakdowns in the Navy's system for tracking sensitive equipment deployed aboard Navy ships and submarines - a system that remains largely paper-based and manual.

This is not the first time the military has lost computers containing sensitive data. In August, two laptop computers classified at the top-secret level disappeared from a sensitive information facility run by the US Central Command at MacDill Air Force Base in Florida.

The only reason those laptops were discovered to be missing was that Secretary of Defence Donald Rumsfeld had ordered investigators to look into how plans for an invasion of Iraq had leaked to the media.

Missing laptops and hard-drives have also stung the State Department, the Department of Energy and even the US Federal Bureau of Investigation in recent years.

In August, the Justice Department acknowledged that it could not locate 400 laptops and 775 weapons belonging to the FBI and the Drug Enforcement Agency. In addition, the classification level of 317 of the computers belonging to the FBI could not be determined.

Accountability problems often stem from the fact that individual military and civilian agency officials are appointed as control or accountability officers for a vast array of equipment that is deployed for extended periods of time around the world.

In addition, the process of keeping tabs on equipment is often determined by the individual officer assigned to manage the hardware and is not subject to any departmental or government standard.

Read more on IT risk management