indianz.com your internet resource indianz.com on facebook indianz.com on twitter indianz.com on Google+ indianz.com on soundcloud
phone: 202 630 8439
Fredericks Peebles & Morgan LLP
Advertise on Indianz.Com
Home > News > Headlines
Print   Subscribe
Bureau of Indian Affairs still failing on online security measures

Filed Under: National | Technology | Trust
More on: bia, bie, doi, donald trump, george bush, hhs, internet, oig, ost, ryan zinke
     
   

Mike Black, the acting Assistant Secretary for Indian Affairs, addresses the winter session of the National Congress of American Indians in Washington, D.C., on February 14, 2017. Photo by Indianz.Com / Available for use under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License

More than 15 years after a computer shutdown sent Indian Country into turmoil, the federal government is still failing to protect its online systems, according to a new watchdog report.

In December 2001, the Bureau of Indian Affairs was forced to disconnect its computers from the internet because billions of dollars in Indian trust funds were vulnerable to loss. Despite widespread attention to the problem by the media, the courts and Congress, the agency is still struggling to address it.

The Department of the Interior's Office of Inspector General in fact called security efforts at the BIA "immature" in the new report. The agency, along with its Bureau of Indian Education, was singled out as consistently failing to correct "thousands" of information technology vulnerabilities.

"We found that the BIA's management practices failed to detect critical and high-risk vulnerabilities" on one particular system, the report stated.

The OIG did not identify which system was at major risk -- the name was redacted from report. But it was described as "high-value IT asset that contains personally identifiable information," indicating it could be one that houses the trust data of individual Indians or tribes, or one with information about BIA employees, the overwhelming majority of whom are tribal citizens.

The problem wasn't isolated either. According to the report, the agency "left thousands of critical and high-risk vulnerabilities unmitigated for years on other BIA and BIE systems."

The BIA in fact never installed systems-management software on any of the 209 BIE devices that were tested in 2016 as part of the OIG's review. The reason? No one bothered to find the money for the effort, the report stated.

"This occurred because Indian Affairs, which includes both BIA and BIE, did not fund the purchase of IBM BigFix licenses for BIE systems," the OIG said.

The BIA has since promised to complete the installation of the software on the 209 BIE devices by April, according to the report. Most devices in fact already have BigFix, former acting assistant secretary Larry Roberts and another top official said in a letter signed in the waning days of the Obama administration.

But the overall effort appears to be slow-moving. According to Roberts, the target date for ensuring all devices at the BIA and the BIE are covered is more than a year away, or June 30, 2018.

"Until BIA improves its IT security practices and [the Office of Chief Information Office at DOI] strengthens its oversight role, BIA high-value IT assets will remain at high risk of compromise, the results of which could have a serious adverse effect on DOI operations and cause the loss of sensitive data," the report said.

The BIA wasn't the only agency at Interior with IT management issues, though. The report cited a March 2016 incident in which a "power outage" caused problems for the BIA, the Department of Health and Health and Human Services and the Office of Special Trustee for American Indians.

The entity responsible for that outage was redacted in the report but it appears to be one with a very short acronym. The incident was the result of "inadequate contingency planning and plan testing" by said entity, the OIG asserted.

The 2001 shutdown at BIA came during the throes of the Cobell trust fund lawsuit after a federal judge found that hackers were able to penetrate systems containing the data of hundreds of thousands of individual Indians. A security expert later testified how he was easily able to exploit weaknesses at Interior through the public internet.

It took four years of additional shutdowns and repeated trips to a federal appeals court before the BIA and other DOI entities came back online. During the interim, trust fund payments to individual Indians and even to tribes were delayed, causing hardship throughout the nation.

Interior spends about $1 billion a year on information technology, according to the report. But the Indian trust shutdown, while it had a large impact at the time, has largely faded from public view since former Republican president George W. Bush left office.

A Republican, Donald Trump, is back in the White House and Interior is awaiting the arrival of Ryan Zinke, a Republican Congressman from Montana, as its new leader. His nomination will finally be considered by the Senate next week.

Office of Inspector General Report:
Information Technology Security Weaknesses at a Core Data Center Could Expose Sensitive Data (February 2017)


Copyright © Indianz.Com
More headlines...

Latest Headlines:

Tribes in for long haul as oil continues to flow through Dakota Access
Mark Trahant: Don't plan on getting sick if you're from Indian Country
Tiffany Midge: I shall joke as long as the grass grows and the rivers flow
Director of Office of Indian Energy deletes offensive Twitter account
States cheer decision on grizzly bears amid tribal concerns about hunts
Washington asks high court to overturn Yakama Nation treaty victory
New York Times editorial board reconsiders stance on racist trademarks
Colville Tribes remove council member a week before citizens go to polls
Marijuana firm promises big investments with help of ex-Seminole chair
Lumbee Tribe ordered to release voter list to opponents of chairman
National Indian Gaming Association chooses David Bean as vice chair
Eastern Cherokee citizen promoted to vice president of casino marketing
Tribes in Connecticut waiting on governor to sign bill for new casino
Secretary Zinke removes protections for grizzlies over tribal objections
Court sets final deadline for remaining payments from Cobell settlement
Mary Annette Pember: Indian Child Welfare Act strengthens our families
Peter d'Errico: Navajo authors offer fresh perspective on sovereignty
Native woman was jailed and forced to ride with assailant during trial
Ute Mountain Ute Tribe challenges new permit for uranium operation
Montana tribes get new member of Congress who pleaded to assault
Connecticut tribes welcome court decision favoring new casino law
Pueblo tribes dispute state's demand for $40M in gaming revenues
Mashpee Wampanoag Tribe remains confident of approval of casino
Nooksack Tribe accepting slot tickets while casino remains closed
Key House committee under fire for moving slowly on tribal agenda
Tribes go it alone on climate change as Trump team shifts priorities
Bryan Newland: President Trump's budget threatens tribal treaties
Steve Russell: The GI Bill changed the United States for the better
Harold Monteau: Democrats lack proactive agenda, proactive strategy
St. Regis Mohawk Tribe orders 20 non-citizens to leave reservation
Wilton Rancheria accused of working too closely with city on casino
Witness list for hearing on bill to reform the Indian Health Service
Arne Vainio: What does the princess want to be when she grows up?
Doug George-Kanentiio: 'Spirit Game' brings Iroquois lacrosse to life
Cronkite News: Navajo activist vows fight against racist NFL mascot
Eric Hannel: Addressing the health care crisis among Native Americans
Bill for tribal regalia at graduation ceremonies advances in California
Ramapough Lunaape Nation wins reversal of ruling on prayer camp
Mashpee Wampanoag Tribe still waits on casino ruling from Trump team
Another former leader of Winnebago Tribe pleads in gaming theft case
Supreme Court ruling poses hurdle for opponents of racist NFL mascot
Change the Mascot campaign responds to negative Supreme Court ruling
Secretary Zinke set for another hearing on Interior Department budget
Mark Trahant: Republicans write health reform bill behind closed doors
Jeff Grubbe: Agua Caliente Band focuses on protecting our groundwater
Steven Newcomb: Asserting our traditions in the era of Donald Trump
Shasta Dazen: 'Family Spirit' program incorporates our tribal traditions
Secretary Zinke shuffles top Indian Affairs officials at Interior Department
Choctaw Nation travels to Ireland to dedicate 'Kindred Spirits' sculpture
Nooksack Tribe closes doors to casino after being hit with federal order
Muscogee Nation asserts authority at allotment where casino was proposed
Mark Trahant: Dakota Access decision offers a chance to return to respect
Cheyenne River Sioux Tribe hails 'victory' in Dakota Access Pipeline case
Nooksack Tribe told to close casino amid leadership and citizenship feud
Kristi Noem: Enough is enough - It's time to fix the Indian Health Service
Second hearing scheduled on bill to reform the Indian Health Service
Trump nominee for appeals court seen as favorable to tribal interests
>>> more headlines...

Home | Arts & Entertainment | Business | Canada | Cobell Lawsuit | Education | Environment | Federal Recognition | Federal Register | Forum | Health | Humor | Indian Gaming | Indian Trust | Jack Abramoff Scandal | Jobs & Notices | Law | National | News | Opinion | Politics | Sports | Technology | World

Indianz.Com Terms of Service | Indianz.Com Privacy Policy
About Indianz.Com | Advertise on Indianz.Com

Indianz.Com is a product of Noble Savage Media, LLC and Ho-Chunk, Inc.