FBI HQ: Internal security "low priority at best"
Robert Hanssen, a former FBI agent who confessed last year to selling secrets to Russia, described the intelligence agency's computer security as "pathetic", a report from the commission said.
The Commission for the Review of FBI Security Programs was set up at the request of Attorney-General John Ashcroft in response to the high-profile breach, which the investigators describe as "possibly the worst intelligence disaster in US history".
During 22 of his 25 years working for the FBI, Mr Hanssen trawled the agency's computer systems and passed documents and computer disks to the Soviet Union and Russia.
He pleaded guilty to 15 counts of espionage as part of a deal in which he was spared the death penalty on condition that he gave a full account of his spying activities.
"What I did is criminal, but it's criminal negligence... what they've done on that system," he told the commission chaired by former FBI and Central Intelligence Agency Director William Webster.
"Any clerk in the bureau could come up with stuff on that system," Hanssen said.
'Low priority'
The commission's 107-page report was published on Thursday.
"During our review of FBI security programs, we found significant deficiencies in bureau policy and practice," the investigators wrote.
"Those deficiencies flow from a pervasive inattention to security, which has been at best a low priority."
The report makes recommendations aimed at speeding the detection of employees who break ranks and minimising the amount of damage they are able to do.
Among these are increased use of polygraphs - lie detectors - and tighter restrictions on access to secret information.
The report was delivered to Mr Ashcroft on Thursday.
In a statement the attorney-general said the report "demonstrates how a trusted insider, through repeated acts of betrayal and treachery... was able to exploit deficiencies in FBI internal security systems and procedures to cause grievous harm to the national security".