Tuesday?s attack on the World Trade Center and the Pentagon could put a spotlight on a long-standing State Department mandate to upgrade its computer systems to better prevent terrorism.
In the early 1990s, the State Department announced a sweeping $530 million program to upgrade its technology infrastructure, replacing the department's proprietary hardware and software systems with an open systems environment by 1998. The program, which was announced in 1992 and intensified after a 1993 bombing of the World Trade Center, was intended to boost communication among U.S. counsuls abroad, ultimately preventing potential terrorists from entering the United States by land or air.
One of the most important aspects of the program was to improve the security technology at 228 of 260 embassies and posts that conduct consular operations overseas. The operations were responsible for processing visas for foreign nationals and providing passport services for U.S. citizens, and their shortfalls may have facilitated the 1993 bombing of the World Trade Center, according to the General Accounting Office (GAO).
Of the 228 posts, only 110 had an automated name-checking system connected to a central database at the State Department headquarters in Washington, according to a 1994 report from the GAO. The rest relied on a system that used magnetic tape and CD-ROM files and tended to be at least six weeks out of date, or on older microfiche technology that was so out of date and time-consuming that staff members said they often did not check the status of applicants prior to issuing their visas.
State Department officials were not available for comment Tuesday.
Despite the long-standing mandate, several studies in recent years have sharply criticized the State Department, largely for failure to upgrade its technology. A January report from the Council on Foreign Relations, a November 1999 study by the Overseas Presence Advisory Panel, and an October 1998 report by the nonprofit Henry Stimson Center for public policy each condemned the department's outdated information technology.
Earlier this year, Secretary of State Colin Powell said upgrading the department's technology would be one of his top priorities. His department's budget includes $210 million for two major information technology initiatives: putting full Internet access on every State Department employee's desktop, and connecting all of the department's posts to the classified communications network for checking visa and passport information and providing security clearance for U.S. citizens and visitors.
The State Department had also made a push to upgrade technology in the wake of the August 1998 bombings of the U.S. embassies in Nairobi, Kenya, and Dares Salaam, Tanzania. But despite the efforts, the department has continued to question its own ability to provide secure consular offices and technology that would provide up-to-date information on visas and passports. As recently as Aug. 30, U.S. embassies in Bucharest, Romania and Sofia, Bulgaria, were closed to the public to review security issues, according to an August briefing by State Department spokesman Richard Boucher.
After the 1993 World Trade Center bombing that killed six people, the State Department inspector general testified before Congress that procedural shortfalls may have been a contributing factor to at least three visas being issued to Sheik Abdel Rahman, who was indicted in the attack.
"The inspector general testified that the first two visas were issued because the Sheik's name was not added to the name-checking system until 7 years after it should have been," according to the December 1994 GAO Report. "In 1990, although his name had been added to the system, the Khartoum post issued a visa to the Sheik without checking the microfiche name-check system. According to the Inspector General, because the microfiche system is so time-consuming and cumbersome, there are probably numerous occasions throughout the world where the microfiche is not being checked as required."
According to a December 1994 report from the GAO, the posts without automated name-checking capability unnecessarily risked "issuing visas to persons who could engage in activities that endanger the welfare and security of United States citizens."