FBI investigates Unisys over U.S. government hack

IT systems integrator Unisys is under fire for allegedly failing to detect the hacking of U.S. Department of Homeland Security computers, an incident that resulted in data being sent to a Chinese-language Web site.

Unisys is now under investigation by the U.S. Federal Bureau of Investigation, according to an aide for the House of Representatives' Committee on Homeland Security, which started investigating the DHS and Unisys in April.

The committee sent a letter to the DHS on Friday asking for its inspector general to open an investigation, the aide said. The letter said DHS had 844 "cybersecurity incidents" during fiscal 2005 and 2006, which the committee called "high and unacceptable."

The data breach adds to the growing chorus of complaints from countries such as France, Germany and the U.K. that hackers in China have stepped up their game, hunting for sensitive information on government computer systems.

In 2002, Unisys won a $1 billion contract to manage computer systems belonging to the DHS and the Transportation Security Administration, which were created after the Sept. 11, 2001, terrorist attacks to shore up the nation's defense. Unisys received a $750 million contract in early 2006 to continue the work.

Under the contracts, Unisys installed six intrusion-protection devices, said Lisa Meyer, Unisys spokeswoman. Those devices, which can detect unauthorized activity on a network, were not installed properly, alleges the committee.

Three months passed before clues emerged that malicious software capable of copying and transferring files had been installed on 150 DHS computers. The data, although unclassified, was transferred late at night or early in the morning to a Chinese-language Web site, according to committee evidence and testimony.

Two U.S. representatives also accused the DHS and Unisys of ignoring warning signs of the hacking.

In a statement , Unisys denied the intrusion protection devices were improperly installed and that the company reported security incidents.

Meyer said Unisys has not been notified by either the FBI or the committee of an investigation. She said she could not comment further on specific security incidents.

The FBI referred questions to the DHS, which said it would not comment on the committee's allegations but that it has responded to malicious cyber activity directed toward the U.S. government.

"We remain concerned that this malicious activity is growing more sophisticated and frequent," a statement read.

The department is in the process of integrating several IT contracts, including the one with Unisys, to be let for bids again. Unisys will not be prohibited from participating, although the department said previous performance is a criteria for selection.

This story was updated on September 24, 2007