http://www.nwfusion.com/news/2004/1209doi.html By John Fontana Network World Fusion 12/09/04 Three years after a judge's ruling in a class-action lawsuit unplugged the Department of Interior and its eight agencies from the Internet for four chaotic months, the department is still fighting to stay online having averted its third ordered shutdown earlier this month. Since the chaos of 2001, the DOI has invested millions to improve computer security, a trend, observers say, is cutting across federal government. The latest DOI Internet blackout was avoided when the U.S. Court of Appeals for the D.C. Circuit ruled on Dec. 3 that U.S. District Judge Royce Lamberth ignored evidence showing the DOI had addressed his concerns over computer security. Those concerns are part of an eight-year-old class action lawsuit, Cobell vs. Norton, over the mismanagement of Indian trust funds filed by 300,000 Native Americans against the DOI, which oversees the Bureau of Indian Affairs (BIA). Lamberth ordered the shutdown in March 2004, which put the DOI offline for several days before a stay was granted. The Dec. 3 ruling overturned Lamberth's order. The Internet shutdowns all started in December 2001, when Lamberth ruled that the government breached its trust obligations resulting in accounting errors for some $10 billion owed to Native Americans and he ordered an overhaul of DOI systems. The BIA systems were so bad that the DOI could not determine which systems housed Indian trust data and DOI was ordered to take all eight agencies offline, bringing four months of chaos that showed just how entrenched the Internet had become in the day-to-day life of the government. Ironically, those hurt worst were Native Americans, who went without their existing trust payments as systems were hogtied. To this day, the BIA remains disconnected from the Internet pending a settlement. But the DOI's other seven agencies are all back up and online, including the Minerals Management Service, Bureau of Land Management, the Fish and Wildlife Service, the Office of Surface Mining and the National Park Service. And the DOI is busy working on its computer security. In the past two years, the BIA has allocated more than $50 million to overhaul its computer systems and network including firewalls and other security software, according to the DOI, including a new IT center in suburban Washington, D.C. Dave Anderson, who took over as head of the BIA earlier this year, said during a February tour he conducted for tribal leaders that the facility's network is the "most sophisticated" within the DOI. "The department has made significant investment in IT security," says Dan DuBray, acting press secretary for the DOI. "Those investments have provided multiple hardening of these systems that house Indian trust data." DuBray says the DOI believes that the data in question is now among the most secure in the federal government. He declined to provide details on the security measures deployed. But experts say the federal government in general is working to harden its computer systems especially in light of the Federal Information Security Management Act, which was enacted in 2002 and ties funding for federal information technology projects to security compliance, and the Sept. 11 attacks. "Those agencies involved in national security have spent billions of dollars with a focus on information security," says Ray Bjorklund, senior vice president and chief knowledge officer for Federal Sources, a research firm focused on public sector IT. "The civil agencies are putting more energy into bolstering information security. It is hard to put an exact dollar amount on these things, but they are spending billions of dollars per year on security." _________________________________________ Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - http://www.osvdb.org/
This archive was generated by hypermail 2.1.3 : Fri Dec 10 2004 - 03:55:55 PST