Ignorance, dishonesty, incompetence or just greed at CSC? - The little boy seems to know.
A few days ago, an article on the website of “The Register” in the UK talked about a fine of $1.35 million which CSC had agreed to pay for using workers without security clearance on a US Department of Defense contract. CSC paid up but protested its innocence.
The article read as if CSC has overlooked security clearances, had made some administrative error or had failed to follow due process. However the full story, as reported today by Allgov, is far more serious than just administrative oversights.
We want to underline here that the incidents took place during the tenure of Michael Laphen as CSC’s CEO, before the arrival of Mike Lawrie and the current CSC senior management team.
Here is an extract of what Allgov reported:
Cost-Cutting Contractor Allowed Russian Programmers to Infect Pentagon Computers
A defense contractor working for the handed off part of a communications system upgrade to another company that hired Russian programmers to do the work—and who infected the system with viruses.
The fiasco began in 2008 with , which had a $613 million contract with the (DISA). The deal involved writing software for sensitive U.S. military communications systems that should have been handled only by U.S. workers with the necessary security clearances. Instead, Computer Sciences Corporation farmed out some of the work to subcontractor , a Massachusetts-based firm that hired programmers in Russia to write code for the project.
Another contractor, John C. Kingsley…..discovered the offshoring and informed Pentagon officials in 2011 what was happening, (warning that) the Russian-made software made it possible for the Pentagon’s communications systems to be infected with viruses. He said Netcracker used the Russians because they worked for a third of the cost of U.S. programmers.
“On at least one occasion, numerous viruses were loaded onto the DISA network as a result of code written by the Russian programmers and installed on servers in the DISA secure system,” Kingsley said.
The US still may pursue criminal charges against the companies.
(End of quote; Full details on
It almost defies belief that CSC could have farmed out this work to a company which then subcontracted to Russians. Why did CSC do this? What would cause somebody to potentially compromise the national security of their own country? Was it sloppiness? Was it incompetence? Was it the pressure to “make the numbers” at whatever cost? Or was it simply greed, an opportunity to increase profits and thus increase management bonuses?
This is another unsavoury episode from the Laphen era, to put alongside massive write-offs, shareholder lawsuits, SEC
investigations, customer disputes, accounting irregularities in many countries, flights of rendition, and the UK NHS fiasco.
The US Department of Justice is considering criminal charges against the company. This is unfortunate as it may just lead to another massive fine to be borne by the current shareholders.
We would much prefer to see criminal charges brought personally against the senior CSC executives who were responsible for running the company, starting with Michael Laphen, those who were responsible for this particular business, and those who collected bonuses from the profits it yielded. Will they once more claim ignorance and incompetence, saying they were totally unaware of the problem, as in the shareholder class action lawsuits arising from NHS?
How can it be that nothing of these events came to light until a whistleblower informed the Department of Justice in 2011? How can one believe that nobody in CSC ever knew about it? Was nobody in CSC overseeing what Nutcracker was doing?
What about CSC’s non-executive directors of the time, who were being very well paid indeed to ensure oversight over the running of the company. Where were they when all this was happening? How about charges being brought against them for negligence?
Finally, what about the customers in all this? If CSC does not pay sufficient attention to critical elements of national security, if nobody in CSC management sees major problems (or sees them, but keeps quiet about it) then how much trust can anybody put in CSC?
As the holiday season is near book your tickets for a Nutcracker at your local theatre. Seeing this fairytale will be more fun than worrying about the CSC hours story.