The Government’s Bioterror-Response Website May Be Leaking Sensitive Data
“The U.S. government’s chief tool to coordinate responses to bioterror events has for years suffered from big security problems, according to Homeland Security Department inspectors and a former employee. For more than 15 years, the United State’s first line of defense against a major biological incident has been a program called BioWatch. Its sensors, mounted (600 in more than 30 cities across the U.S.), works like canaries in a coal mine. If a terrorist released, say, a deadly aerosolized biological toxin into Grand Central Terminal, sensors would pick up the toxin. Health care workers collect samples from the sensors and bring them to BioWatch labs every day. If the analyzed samples indicate a threat (and not a false alarm, which happens more often than Homeland Security likes to admit) a BioWatch Actionable Result sparks more work and a lot of coordination from local public health care workers, law enforcement, and officials. Hopefully, that happens in time to avert a pandemic or other public health crisis.
That coordination between health workers and government would occur over a website called Biowatchportal.org. It’s a restricted-access website and Homeland Security considers the information on it to be very sensitive. In theory, it’s the sort of information that an adversary could use to compromise the system, find sensor locations to disable or spoof them, and even target the health workers or officials who use the site. That includes officials in the departments of Defense and State, the FBI and other law enforcement agencies, and many others. But biowatchportal.org may be exposing this information, according to the Homeland Security inspector general and a former Homeland Security employee.”