Interior shuts down BLM Web site

The on-again, off-again story of the Interior Department’s Bureau of Land Management Web site has shifted to off-again this month. Agency officials shut down BLM’s Web site after Interior’s inspector general issued a report warning that the agency’s information technology systems are vulnerable to cyberthreats.

The shutdown is the latest in a long-running dispute over the security of Indian trust fund information.

Bureau officials took the site off-line April 8, two days after the report was released. Investigators found that poor network security and weak access controls “could have easily compromised the confidentiality, integrity and availability of the identified Indian Trust data residing on such systems.”

Justice Department officials have since asked a U.S. district judge for a protective order to guard sensitive IT security information in the report.

A class-action lawsuit filed almost nine years ago criticizes Interior’s oversight of Indian trust funds. Plaintiffs have accused department officials of doing a poor job of protecting data from hackers.

In 2001, U.S. District Judge Royce Lamberth ordered Interior officials to disable Internet connections on all computers that could be used to access trust fund data. He ordered two subsequent shutdowns, although Internet access has returned to the department following a federal appeals court ruling that blocked Lamberth’s latest order.

A representative for the plaintiffs said external forces weighed more heavily than bureau officials are admitting. “Clearly, there was pressure from the court to keep their systems clean,” said Bill McAllister, a spokesman for Elouise Cobell, a member of the Blackfeet tribe in Montana, who, along with her co-plaintiffs, filed the lawsuit against then-Interior Secretary Bruce Babbitt and the government. Secretary Gale Norton inherited the suit.

Following the IG’s report, Cobell filed a motion last week for a restraining order and preliminary injunction to shut down every IT system that houses or accesses individual trust data. The plaintiffs argue that because Interior admits its IT systems are insecure, the systems must be disconnected from the Internet.

Alan Paller, research director at the SANS Institute, said many agencies’ IGs have found substantial vulnerabilities that might allow information to be compromised and it makes sense to address those problems, but the wholesale shutdown can be just as dangerous.

However, Bruce McConnell, president of McConnell International, approved of the shutdown. “BLM did the prudent thing, especially given the history. The public will get better service when the IT community — including industry — gets its act together on security.”

Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.