Interior's Internet disconnect

Did a federal judge overstep his bounds when he issued an order for Interior Department computers to be disconnected from the Internet?

The question came up in a recent debate about Cobell v. Norton, an 8-year-old class-action lawsuit against Interior officials. Some independent security experts and a law professor said the judge in the U.S. District Court for the District of Columbia may have been overreaching in his ruling. But the controversy that prompted the order is far from settled.

In 2001, U.S. District Judge Royce Lamberth, who is overseeing the case, ordered Interior officials to disable Internet connections on all computers that could be used to access Indian Trust Fund data. He has ordered two subsequent shutdowns. Internet access has returned to the department, following a federal appeals court ruling that blocked Lamberth's latest order.

Richard Pierce, a law professor at George Washington University, debated the court-ordered shutdown with Keith Harper, the plaintiff's counsel in the lawsuit against Interior officials. The debate at American University was timed to correspond with the opening of the National Museum of the American Indian on the National Mall in Washington, D.C.

Harper said Lamberth did the right thing by ordering Interior's computers to be disconnected from the Internet.

All computers are vulnerable to hacking, Pierce said. "Imagine if someone shut American University's law school computers down for four years," he said.

Responding to statements that a judge's employee was able to hack into computer systems at Interior, Pierce said disconnecting the department's computers from the Internet is as unreasonable as disconnecting all the computers at SunTrust Banks Inc. because of a single hacker attack.

But Harper said the department's computers are so interconnected that the only means to ensure data safety is to shut down all of them. "We're in a place where individuals' reparations for properties are at risk every day," Harper said. "No other trustee would ever allow their trust system to be so vulnerable to attacks."

The Federal Court of Appeals for the District of Columbia Circuit issued an emergency administrative stay March 25 that temporarily suspends Lamberth's latest shutdown order. Interior officials requested the injunction following his March 15 ruling.

The March 15 order was the third such court ruling since 2001, when investigators determined that hackers could easily break into American Indian trust funds and pillage accounts worth millions of dollars. The shutdown cut off Web access for about 50,000 students attending 180 schools run by the Bureau of Indian Affairs.

Some independent observers, who were not part of the recent debate, said Lamberth's order, while understandable, may have been too far-reaching. "I can understand how Judge Lamberth became exasperated with the way the department has handled this thing over the years," said Bruce McConnell, former chief of information technology policy at the Office of Management and Budget.

"That said, this is a unique situation," he said. "This is the first denial-of-service attack by a federal judge, leaving the department unable to do its job and affecting many innocent citizens."

McConnell said a more targeted remedy would have been preferable, such as isolating the bureau's systems.

Alan Paller, research director at the nonprofit SANS Institute, said, "The reality is that computer security isn't perfect." But he said computer security at Interior should be on a par with that of major banks.

RELATEDLINKS

"Interior CIO outlines IT transformation" [FCW.com, Aug. 17, 2004]

"Ten win Interior contract" [FCW.com, July 20, 2004]

"BIA's model for change" [Federal Computer Week, May 10, 2004]

The latest development

A federal judge's repeated orders to disconnect Interior Department computers from the Internet stem from a protracted class-action lawsuit.

The lawsuit alleges that Interior officials lost, misappropriated or mismanaged billions of dollars of American Indians'

money held in trust accounts managed by the Bureau of Indian Affairs.

Under previous rulings, Lamberth gave department officials until 2007 to complete a full historical accounting of all assets held in the Indian Trust Fund since 1887.

And now this: Interior officials were ordered Sept. 29 to protect American Indians' interests by informing them of the ongoing class-action lawsuit, Cobell v. Norton, whenever native Americans are considering selling land or other assets.

— Aliya Sternstein

Rising Stars

Meet 21 early-career leaders who are doing great things in federal IT.

Featured

  • SEC Chairman Jay Clayton

    SEC owns up to 2016 breach

    A key database of financial information was breached in 2016, possibly in support of insider trading, said the Securities and Exchange Commission.

  • Image from Shutterstock.com

    DOD looks to get aggressive about cloud adoption

    Defense leaders and Congress are looking to encourage more aggressive cloud policies and prod reluctant agencies to embrace experimentation and risk-taking.

  • Shutterstock / Pictofigo

    The next big thing in IT procurement

    Steve Kelman talks to the agencies that have embraced tech demos in their acquisition efforts -- and urges others in government to give it a try.

  • broken lock

    DHS bans Kaspersky from federal systems

    The Department of Homeland Security banned the Russian cybersecurity company Kaspersky Lab’s products from federal agencies in a new binding operational directive.

  • man planning layoffs

    USDA looks to cut CIOs as part of reorg

    The Department of Agriculture is looking to cut down on the number of agency CIOs in the name of efficiency and better communication across mission areas.

  • What's next for agency cyber efforts?

    Ninety days after the Trump administration's executive order, FCW sat down with agency cyber leaders to discuss what’s changing.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group