NATIONAL SCIENCE FOUNDATION -Page l 4201 WILSON BOULEVARD ARLINGTON, VIRGINIA 22230 OFFICE OF INSPECTOR GENERAL MEMORANDUM Date: September 30, 1999 To: File No. I99050017 ecial Agent Via: Subject: Background: and allegedly found no evide icating the system was compromised. Investigation: We met with several NSFIDivision of Information Systems (DIS) managers regarding the and the NSF Firewall Network. Our meeting confirmed the account and three prior incidents of potential computer abuses by scan on NSF servers (possibly ' w and creating unauthorized user accounts. As a follow up tor niore office space, thereby putting up a smaller support relative to the other agencies. NSF allows to make use of its Firewall Network. background o-revious encounters with DIS, DIS provided e-mail accounts and logs for the warez incident. In addition, we interviewed Division of Administrative Services (DAS , which handle NSF building security, regarding the DAS response and accounts o&h ysical security breach on May 14/15 and 17, 1999. - Findings: Our initial investi ation, based on interviews and evidence, confirme r account of R a u t h o r i z e d eIectronicaccess of a federal computer (violation ofthe Computer Fraud and Abuse Act, Title 18 U.S.C., Section 1030 (a)) on the night after his emulovment was terminated Mav 14. 1999 at NCO. DIS interviews and evidence ga&ered, also support tha-aintained and created a n t h e e r v e r (a violation of No Electronic Theft-Act and Criminal Infringemiifit of a Copyright, Title 18 U.S.C., Section 23 19). We did not, however, uncover any likely personal gain for in either violation. Assistant U.S. Attorney, Eastern District of Virginia, 7 declined the case for prosecution, since there was no substantial dzifnaw at east $5,000) or a profit to support a felony conviction for the intrusion -na Eastern District of VA generally does not prosecute for misdemeanor intrusions aiid no personal gain piracy. DAS and DIS have coordinated their efforts to assess and revamp NSF physical and informational security procedures for handling employees and contractors who are no longer employed at NSF. In the interim, DAS has set up a procedure with the guards for those former employees and contractors who are not allowed in the building. Given the declination, and thaQll)ls a low risk threat to the NSF Network and physical security2,no further investigation is warranted at this time. This case is closed. as assured us that all asswords have been altered and their servers have been audited and are DAS has assured us that they now keep a running list with the Front Desk of all former emp oyemand contractors who are not allowed in the building.
Published by the National Science Foundation, Office of Inspector General on 1999-09-30.
Below is a raw (and likely hideous) rendition of the original report. (PDF)