LETTER TO(Sanitized) FROM FRED ASSELIN

ABRAHAM RIB149tT5}SP~sve'dP 5t Release 2005/02/10: CIA-RDP78MO266OR0003000 JOHN L. MC CLELLAN, ARK. CHARLES H. PERCY, ILL. HENRY M. JACKSON, WASH. JACOB K. JAVITS, N.Y. EDMUND S. MUSKIE, MAINE WILLIAM V. ROTH, JR., DEL. LEE METCALF, MONT. BILL BROCK, TENN. JAMES B. ALLEN, ALA. LOWELL P. WEICKER, JR., CONN. ryyy LAW TON CHILES. FLA. C? Vi$e~ .~$a$e~ .~e~r~ca$e SAM NUNN, GA. JOHN GLENN. OHIO RICHARD A. WEGMAN CHIEF COUNSEL AND STAFF DIRECTOR COMMITTEE ON GOVERNMENT OPERATIONS WASHINGTON, D.C. 20510 August 4, 1976 Assistant Legislative Counsel Central Intelligence Agency Washington, D.C. 20505 This is in connection with the preliminary staff investigation of the Senate Government Operations Committee concerning problems associated with computer technology in federal programs and private industry. In addition to the supplemental information I requested be incorporated into the final Agency presentation to be made a part of the Committee hearing record -- supplemental information requested in my letter of August 3, 1976 -- I am hopeful that another point may also be included in that final statement. I have reference to testimony given by the late Dean Acheson on January 14, 1949 before the Senate Foreign Relations Committee. This testimony, received in executive session, was made public in July of 1976 and it has just now come to the attention of the staff of the Senate Government Operations Committee. The document is entitled "Executive Sessions of the Senate Foreign Relations Committee (Historical Series)," Volume II, Eighty-First Congress First and Second Sessions, 1949-1950. Testifying in connection with his association with Alger Hiss, Mr. Acheson discussed overall security problems within the executive branch. On pages 10 and 11 of the hearing volume, Mr. Acheson made observations which relate to this Committee's inquiry into computer security. During the war, documents of the greatest security, which were prepared in the War Department and were sent over to the War Production Board, we now discover in the captured files of the German Secret Service. How they got there -- every single effort of the FBI and everying else has been put on this, and no results have come up Approved For Release 2005/02/10 : CIA-RDP78MO266OR000300020011-2  Approved For Release 2005/02/10 : CIA-RDP78MO266OR000300020011-2 page 2 Security is an extremely difficult thing. My own suspicion of it is that people who are really conducting spy work for foreign governments do not fool with exposed people like high officers of the government. I think what they do is to work through much more minor characters -- stenographers, or janitors, or char women, or somebody who can get hold of something of that sort. I don't say they never approach high officers of the government, be- cause they apparently have, as you have seen in these records, but I imagine that their real paydirt comes at a lower level. But, as I say, the efforts have not been very rewarding in finding out how this thing happens. Security measures are being taken. This has been a problem which we have had for a very long time and it is a very worrisome problem. At the staff level it has been generally agreed that it will be appropriate for the Agency's presentation to this Committee's hearing record to be submitted in written form, as opposed to an oral recitation. For that reason, we have worked together to arrive at an Agency presentation that will be as complete as possible in the area of computer security, in light of national security considerations which your Agency must function under. Therefore, the final statement to be submitted by the CIA for this Committee's hearings will be enhanced, in the staff's view, if you could include in that final pre- sentation some commentary on the statement by Mr. Acheson that it is often lower level personnel who are frequently the targets of security penetration efforts. In this regard, Senators, of course, may wish to know, first, if you concur in Mr. Acheson's basic assertion con- cerning the targeting of lower level personnel, and, second, what steps you would propose for other agencies within the executive branch, and in private industry as well, to seek to control this problem as described by Mr. Acheson. Approved For Release 2005/02/10 : CIA-RDP78MO266OR000300020011-2  Approved For Release 2005/02/10 : CIA-RDP78MO266OR000300020011-2 page 3 Independent inquiry by the Committee staff has indicated that the CIA is acutely aware of the computer security problem associated with lower level personnel. But the hearing record will be more persuasive on this point, the staff believes, if your final presentation addresses itself to this issue directly. It is the staff's hope that your experience in coping with this problem will be of value to other agencies within the executive branch. It will also be the staff's recommendation that Senators question spokesmen from these other executive branch agencies as to their views, within the framework of computer security, in response to Mr. Acheson's comments and what steps they take to respond to the issue. Your assistance in this is very much appreciated. Sincerely, Fred Asselin Investigator Approved For Release 2005/02/10 : CIA-RDP78MO266OR000300020011-2