Indianz.Com > News > Interior ordered to protect Indian trust fund systems

printer friendly version
Interior ordered to protect Indian trust fund systems
Friday, October 21, 2005

Internet Vulnerability Documents:
OIG Memo 1 | OIG Memo 2
OIG Findings | BLM Report

From the Indianz.Com Archive:
Interior's security weaknesses not unique: NBC vulnerable to attack (January 17, 2002)

A federal judge ordered the Interior Department to disconnect its Indian trust systems from the Interior on Thursday, citing "overwhelming" and "substantial" evidence that billions in Indian funds are at risk to computer hackers.

In a 205-page opinion, U.S. District Judge Royce Lamberth blasted the department for failing to present an accurate picture of its trust reform efforts. Bush administration officials have touted their $100 million investment in information technology upgrades but major vulnerabilities still exist, the decision stated.

"The evidence clearly shows that [individual Indian trust data] is, at present, not adequately secure," Lamberth wrote.

This past spring, Lamberth held a 59-day trial during which computer security experts testified they were able to break into the department's systems. They were able to gain access using the public Internet and roam the network without being detected.

Testimony from some of Interior's own officials also showed problems. Inspector General Earl E. Devaney graded the department's effort an "F." Roger Mahach, who managed all IT security for the department, gave it a "G."

"The court's findings of fact demonstrate that these poor grades are fully justified," Lamberth wrote.

As a result, Lamberth said it was necessary to pull the plug on Interior. In an 8-page order, he directed the department to "disconnect all information technology systems that house or provide access to individual Indian trust data" from the Internet. He also ordered the department to disconnect the Indian trust systems from Interior's internal network, or intranet, and from all other IT systems and from IT systems operated by contractors, tribes and third parties.

"The numerous interconnections between the IT systems of Interior's bureaus and offices, and between Interior's IT systems and those of private contractors and Indian tribes, substantially increase both the number of access points that might be exploited by a malicious attacker and the number of networks and systems that can be engaged by such an individual once unauthorized access has been gained," Lamberth explained.

The order exempts systems "necessary for protection against fires or other such threats to life, property, or national security" from being disconnected. It also provides a process to ensure that royalty checks can still be issued to Indian beneficiaries. In December 2001, when the first IT shutdown was ordered, payments to individual Indians and tribes were delayed for several months despite Interior's assurances otherwise.

The decision brought praise from Elouise Cobell, the lead plaintiff in the lawsuit. She said a shutdown was necessary to ensure that Interior Secretary Gale Norton, who oversees the department, fulfills her duties as a trustee to hundreds of thousands of individual Indians.

"We need to take every step possible to preserve what trust records still exist if Indian trust beneficiaries have any chance of getting the accounting that Congress and the courts repeatedly have ordered," she said in a statement. "This order shows that Norton's charade about computer security is over. For 59 days, government officials and contractors testified that Interior’s computers are terribly insecure."

The department responded that the shutdown will lead to more problems. "Based on our initial review of the order, it will adversely impact our ability to conduct program activities that benefit Native Americans as well as other parts of the Department of Interior mission," a spokesperson told the Associated Press. "This includes our ability to collect, process and distribute rents and royalty payments for both Indian beneficiaries and the federal government."

The administration can immediately appeal the decision because Lamberth issued it as a preliminary injunction rather than a temporary restraining order. The D.C. Circuit Court of Appeals currently has three Cobell v. Norton matters pending.

The administration's strategy in the case prompted the current situation. After Lamberth ordered a third shutdown in March 2004, Norton's attorneys asked the D.C. Circuit to limit the scope of the case.

The appeals court responded by agreeing that Lamberth shouldn't have ordered the disconnect without considering all the evidence. The administration claimed the decision as a victory but it led to the evidentiary hearing when all of the vulnerabilities were disclosed.

At the same time, the D.C. Circuit refused to restrict Lamberth's authority. In a unanimous decision, the court held for the first time that the Interior Department has a fiduciary obligation to protect the computer data and the computer systems of the Indian trust.

"It is indisputable that the Secretary has current and prospective trust management duties that necessitate maintaining secure IT systems in order to render accurate accountings now and in the future," the court wrote.

Since the first shutdown, most of Interior's computer systems have been reconnected to the Internet. The major exceptions are those operated by the Bureau of Indian Affairs and the Office of Special Trustee. The two agencies have not been given permission to go back online although they maintain connections with other Interior entities. The latest shutdown order would require those connections to be severed until improvements are made.

Get the Decision:
Cobell v. Norton (October 20, 2005)

Relevant Links:
Indian Trust: Cobell v. Norton - http://www.indiantrust.com
Cobell v. Norton, Department of Justice - http://www.usdoj.gov/civil/cases/cobell/index.htm