October 21, 2005 11:12 AM PDT

Appeals court keeps Interior Department online

An appeals court has granted the Interior Department a reprieve after a lower court ordered it to sever the Internet connection of any computer that could hold data relating to American Indian trust accounts.

Citing abysmal security at the federal agency, U.S. District Judge Royce Lamberth in Washington on Thursday ordered that all computers or devices that "provide access" to American Indian trust data be disconnected from the Internet and the department's intranet.

As justification for the forcible disconnection, Lamberth wrote a 205-page opinion reviewing the department's lackluster computer security efforts. "Inspector General Devaney testified that he grades Interior's IT security an 'F'," Lamberth wrote, noting that another expert gave it a "G," one notch lower than an "F."

The U.S. Court of Appeals in Washington on Friday granted a temporary stay of the order and gave government attorneys until Oct. 27 to submit a full appeal.

In a brief emergency request to the appeals court earlier in the day, the Bush administration argued that Interior Department functions "will be gravely affected by such a cutoff" with wide-ranging effects on "contracting and procurement activities, financial management, education programs, royalties distributions, IT security, hiring and recruiting and public database access."

Thursday's order is the latest development in a long-running class action lawsuit in which thousands of American Indians accuse the federal government of cheating them out of some $100 billion by mismanaging timber, oil and other revenues arising from their land.

Lamberth first ordered the disconnection of some systems in December 2001, after a court-appointed special master noted the department had "no firewalls, no staff currently trained/capable of building and maintaining firewall devices" and no way to monitor network activity.

In one external-penetration testing of Interior Department systems, a contractor gained access to a database with information about "Indian Trust Systems." From there, the contractor was able to secure full administrator privileges on at least two servers.

Another war-driving test of the department's systems found "at least 700 wireless local area networks," even though the Interior Department reported no wireless-enabled laptops and no wireless adapter cards on an official inventory of devices. To perform the penetration analysis, testers rented a minivan and sat in the parking lot of one Interior Department building for two hours without being questioned by guards.

Lamberth's order says that Interior Department systems "necessary for protection against fires or other such threats to life, property or national security may remain connected."

8 comments

Join the conversation!
Add your comment
Why Sue? Hack your money back
Instead of just suing the Federal Government and getting nothing nor getting the accounting fixed, they should have hired hackers to break in - since it is so easy - and just add billions here and there to all the accounts - there is no auditing anyway - and since there is no accountability, no tracking, no physical paper - everything is electronic - no one would have ever known that 50 billion was added into a few hundred thousand accounts and then the tribes could have just gone to BIA, and drawn out of their accounts which shows the money to be there and spent it on what the Government has always promised and never delivered - housing, education, roads and other basic infrastructure that the rest of the US has had for the last 50 years everywhere but on Indian reservations.

Give the hackers 10 million for every billion deposited - a bargain. Cheaper than lawyers.

If it is so necessary to keep BIA conected to the internet, then the problem is solved with a few keystrokes from Russia.

Gladnost!
Posted by taphilo-2003685639374287843630 (130 comments )
Reply Link Flag
Why Sue? Hack your money back
Instead of just suing the Federal Government and getting nothing nor getting the accounting fixed, they should have hired hackers to break in - since it is so easy - and just add billions here and there to all the accounts - there is no auditing anyway - and since there is no accountability, no tracking, no physical paper - everything is electronic - no one would have ever known that 50 billion was added into a few hundred thousand accounts and then the tribes could have just gone to BIA, and drawn out of their accounts which shows the money to be there and spent it on what the Government has always promised and never delivered - housing, education, roads and other basic infrastructure that the rest of the US has had for the last 50 years everywhere but on Indian reservations.

Give the hackers 10 million for every billion deposited - a bargain. Cheaper than lawyers.

If it is so necessary to keep BIA conected to the internet, then the problem is solved with a few keystrokes from Russia.

Gladnost!
Posted by taphilo-2003685639374287843630 (130 comments )
Reply Link Flag
Wait a second, I thought we STOLE all the land...
What gives???
Posted by Yukimi Konomi (48 comments )
Reply Link Flag
Royalty Payments
After we (The Federal Government since 1792) stole the land, moved them to reservations, the "worthless" land the Federal Government moved them to was found to contain, oil, minerals, wood and other goods that companies wanted. So the Government then sold private companies the right to mine, cut, exploit the land "in trust" and collected the money from the companies since the natives had no "ability" to manage their own money.

Then the Government created a system that was so bad that it lost track of incoming money and who it was supposed to go to - and sold rights far under pervailing costs to use the land that companies would have had to pay on private land - and then stated that the accounting is so messed up that they have no idea how much is owed so the Government owes them nothing.

Basically "they" did an Enron and refuse to be held accountable for knowingly doing it.
Posted by taphilo-2003685639374287843630 (130 comments )
Link Flag
Wait a second, I thought we STOLE all the land...
What gives???
Posted by Yukimi Konomi (48 comments )
Reply Link Flag
Royalty Payments
After we (The Federal Government since 1792) stole the land, moved them to reservations, the "worthless" land the Federal Government moved them to was found to contain, oil, minerals, wood and other goods that companies wanted. So the Government then sold private companies the right to mine, cut, exploit the land "in trust" and collected the money from the companies since the natives had no "ability" to manage their own money.

Then the Government created a system that was so bad that it lost track of incoming money and who it was supposed to go to - and sold rights far under pervailing costs to use the land that companies would have had to pay on private land - and then stated that the accounting is so messed up that they have no idea how much is owed so the Government owes them nothing.

Basically "they" did an Enron and refuse to be held accountable for knowingly doing it.
Posted by taphilo-2003685639374287843630 (130 comments )
Link Flag
Sheesh
Buy a half dozen Cisco routers, an in-house technician and get
the dang network fixed. You goofballs have wasted more time in
court over this stupid fiasco than if you had just cleaned up your
excuse for a network. Government tax dollars at work. I agree
with the first judge. Clean up the mess or get off the network,
period. No ifs, ands or buts: just do it and quit whining about
having to be secure. The problem is that they care less about
those peoples' security than they do about their own job
security.
Posted by jasonemanuelson1 (82 comments )
Reply Link Flag
Sheesh
Buy a half dozen Cisco routers, an in-house technician and get
the dang network fixed. You goofballs have wasted more time in
court over this stupid fiasco than if you had just cleaned up your
excuse for a network. Government tax dollars at work. I agree
with the first judge. Clean up the mess or get off the network,
period. No ifs, ands or buts: just do it and quit whining about
having to be secure. The problem is that they care less about
those peoples' security than they do about their own job
security.
Posted by jasonemanuelson1 (82 comments )
Reply Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.