Whistleblowers warned of security gaps prior to Navy Yard shooting

By way of three exhaustive internal and external investigations, it’s already been well documented that the Washington Navy Yard had serious physical and other security weaknesses prior to the mass shooting there in Sept. 2013. But a newly-disclosed report makes clear that security managers on the base had tried to point out at least some of the deficiencies well in advance of the shootings.

The findings are part of a Naval Inspector General investigation launched just days after the shooting in response to earlier whistleblower complaints to the Office of Special Counsel. The whistleblowers — Sparky Edwards and Vernon Londagin — were the command security manager (CSM) and deputy CSM for the Navy’s office of Strategic Systems Programs, the organization in charge of acquiring and securing all of Navy’s nuclear weapons.

Most of their complaints had to do with specific security problems at SSP, whose headquarters is at the Navy Yard. But some related to weaknesses in the overall base’s security perimeter, including the allegation that contracted gate guards were letting anyone with a valid driver’s license drive onto the installation without any further screening, instead of requiring military ID. Edwards and Longadin said they complained to Navy Yard security officials that the practice was unsafe and complicated their efforts to build a “layered defense” for SSP, but were told that the policy was necessary so that visitors could easily access a credit union and historical museum on Navy Yard property.

The IG found their testimony credible, although investigators weren’t able to definitively prove or refute that particular allegation. It did substantiate that the Navy Yard did not comply with DoD security policies for securing the gates of military bases, but the exact reasons were redacted from the report.

Advertisement

The IG did report that, at a minimum, pedestrians were allowed on base without a military ID. Also, the doors to building 200, which houses SSP’s headquarters, were left unlocked and unguarded at all times. Taken together with the seven other whistleblower allegations the Navy substantiated, at least as of 2013, virtually anyone would have been able to walk onto the base, into the building and right up to the glass doors of the classified spaces within SSP.

It’s important to point out that Aaron Alexis, who killed 12 people in building 197 on Sept. 16, 2013, probably would not have been stopped even if Edwards and Longadin’s warnings about perimeter security had been heeded, because Alexis had a valid military ID and worked on the base.

But the report offers new glimpses into the relatively lax security posture in place at the time.

  • When SSP first moved into the building in 2011, motion detectors and other security systems in building 200 were malfunctioning and producing false alarms so frequently that officials at a Navy central monitoring facility responded by simply turning off their audible alarms.
  • The aforementioned glass doors protecting classified spaces were weak enough that they “could be forced from the wooden frame with quick, concentrated physical effort.”
  • Employees were routinely allowed to bring their personal mobile phones into open secret storage areas.
  • Safes designed to hold classified information didn’t meet DoD security policies.
  • Workers frequently walked away from their computers without taking their common access cards with them, in some cases, leaving classified information on their screens — visible through exterior windows with no blinds on them.
  • Several other violations of DoD IT security policy, including routing the military’s classified network (SIPRNet) through insecure and uncertified portions of the building existed.

The Naval Inspector General now reports that SSP and the Navy have since fixed all of the issues it raised in the report, including by rerouting its network cables though properly secured spaces and hardening its doors, adding security personnel in building 200 and coming into compliance with DoD base access control policies.

The IG also concluded that there was no evidence that any classified information was actually taken from SSP.

But if the whistleblowers (who the IG describes as “exasperated” that their entreaties to boost security weren’t being listened to) were hoping for accountability on the part of SSP and other Navy leadership, they’re likely to be disappointed.

In its final report to OSC, the Navy said Michelle Howard, the vice chief of Naval operations, had concluded that SSP’s director did indeed fail to fix security violations in a rapid fashion, but that he lacked the authority to do so in many cases, partially because he shared a building with other tenants and many of the Navy Yard’s security procedures were outside his control. He received only administrative counseling.