indianz.com your internet resource indianz.com on facebook indianz.com on twitter indianz.com on Google+ indianz.com on soundcloud
phone: 202 630 8439
The University of Tulsa College of Law - Master's in Indian Law
Advertise on Indianz.Com
Home > News > Headlines
Print   Subscribe
Bureau of Indian Affairs still failing on online security measures

Filed Under: National | Technology | Trust
More on: bia, bie, doi, donald trump, george bush, hhs, internet, oig, ost, ryan zinke
     
   

Mike Black, the acting Assistant Secretary for Indian Affairs, addresses the winter session of the National Congress of American Indians in Washington, D.C., on February 14, 2017. Photo by Indianz.Com / Available for use under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License

More than 15 years after a computer shutdown sent Indian Country into turmoil, the federal government is still failing to protect its online systems, according to a new watchdog report.

In December 2001, the Bureau of Indian Affairs was forced to disconnect its computers from the internet because billions of dollars in Indian trust funds were vulnerable to loss. Despite widespread attention to the problem by the media, the courts and Congress, the agency is still struggling to address it.

The Department of the Interior's Office of Inspector General in fact called security efforts at the BIA "immature" in the new report. The agency, along with its Bureau of Indian Education, was singled out as consistently failing to correct "thousands" of information technology vulnerabilities.

"We found that the BIA's management practices failed to detect critical and high-risk vulnerabilities" on one particular system, the report stated.

The OIG did not identify which system was at major risk -- the name was redacted from report. But it was described as "high-value IT asset that contains personally identifiable information," indicating it could be one that houses the trust data of individual Indians or tribes, or one with information about BIA employees, the overwhelming majority of whom are tribal citizens.

The problem wasn't isolated either. According to the report, the agency "left thousands of critical and high-risk vulnerabilities unmitigated for years on other BIA and BIE systems."

The BIA in fact never installed systems-management software on any of the 209 BIE devices that were tested in 2016 as part of the OIG's review. The reason? No one bothered to find the money for the effort, the report stated.

"This occurred because Indian Affairs, which includes both BIA and BIE, did not fund the purchase of IBM BigFix licenses for BIE systems," the OIG said.

The BIA has since promised to complete the installation of the software on the 209 BIE devices by April, according to the report. Most devices in fact already have BigFix, former acting assistant secretary Larry Roberts and another top official said in a letter signed in the waning days of the Obama administration.

But the overall effort appears to be slow-moving. According to Roberts, the target date for ensuring all devices at the BIA and the BIE are covered is more than a year away, or June 30, 2018.

"Until BIA improves its IT security practices and [the Office of Chief Information Office at DOI] strengthens its oversight role, BIA high-value IT assets will remain at high risk of compromise, the results of which could have a serious adverse effect on DOI operations and cause the loss of sensitive data," the report said.

The BIA wasn't the only agency at Interior with IT management issues, though. The report cited a March 2016 incident in which a "power outage" caused problems for the BIA, the Department of Health and Health and Human Services and the Office of Special Trustee for American Indians.

The entity responsible for that outage was redacted in the report but it appears to be one with a very short acronym. The incident was the result of "inadequate contingency planning and plan testing" by said entity, the OIG asserted.

The 2001 shutdown at BIA came during the throes of the Cobell trust fund lawsuit after a federal judge found that hackers were able to penetrate systems containing the data of hundreds of thousands of individual Indians. A security expert later testified how he was easily able to exploit weaknesses at Interior through the public internet.

It took four years of additional shutdowns and repeated trips to a federal appeals court before the BIA and other DOI entities came back online. During the interim, trust fund payments to individual Indians and even to tribes were delayed, causing hardship throughout the nation.

Interior spends about $1 billion a year on information technology, according to the report. But the Indian trust shutdown, while it had a large impact at the time, has largely faded from public view since former Republican president George W. Bush left office.

A Republican, Donald Trump, is back in the White House and Interior is awaiting the arrival of Ryan Zinke, a Republican Congressman from Montana, as its new leader. His nomination will finally be considered by the Senate next week.

Office of Inspector General Report:
Information Technology Security Weaknesses at a Core Data Center Could Expose Sensitive Data (February 2017)


Copyright © Indianz.Com
More headlines...
Stay Connected:
On Facebook

On Twitter

On Google+

On SoundCloud
Local Links:
Federal Register | Indian Gaming | Jobs & Notices | In The Hoop | Message Board
Latest News:
Supreme Court hands defeat to tribal interests in sovereignty case (4/25)
Matthew Fletcher: 'Gamesmanship' brings defeat in Supreme Court (4/25)
Supreme Court relists petition in Gun Lake Tribe gaming land case (4/25)
Southwestern Indian Polytechnic Institute team wins NASA prize (4/25)
Former top Bureau of Indian Affairs official joins Washington firm (4/25)
Native Sun News Today: Groups fight uranium mining in Black Hills (4/25)
Cronkite News: Budget deadline falls on Donald Trump's 100th day (4/25)
Mary Annette Pember: Indian Child Welfare Act heals our families (4/25)
André Cramblit: Tribes must make language survival a top priority (4/25)
Cowlitz Tribe welcomes big crowd to $510M casino in Washington (4/25)
Pojoaque Pueblo loses big decision in gaming dispute with state (4/24)
Supreme Court takes no action on long-running tribal land case (4/24)
Yakama Nation landowners see $68M in Cobell buy-back offers (4/24)
Tim Giago: Sovereignty at risk with Donald Trump in White House (4/24)
Mark Trahant: Donald Trump & Republicans can't seem to govern (4/24)
Native Sun News Today: Chickasaw citizen donates prom dresses (4/24)
Steve Russell: The BEST advertisement for education in America (4/24)
Arlana Bennett: Picking cans with my father became our tradition (4/24)
Terese Mailhot: Maybe some people should be able to play Indian (4/24)
Charles Kader: Tribal communities still face threats to their lands (4/24)
3rd suspect sought in connection with death of elderly Native man (4/24)
Mashantucket Tribe expresses interest in growing industrial hemp (4/24)
Shutdown of federal government looms ahead of April 28 deadline (4/24)
Confederate monuments start coming down as Jackson stays put (4/24)
Blackfeet Nation citizens approve historic water rights settlement (4/21)
Native Sun News Today: Cheyenne River Sioux woman still walking (4/21)
James Giago Davies: Our future is not bleak but bright with promise (4/21)
Rosalyn LaPier: Tradition blends with science in tribal communities (4/21)
Simon Moya-Smith: Media continues to peddle in Indian stereotypes (4/21)
Steven Newcomb: Bill in California dehumanizes indigenous peoples (4/21)
American Indian Library Association battles Trump's big budget cut (4/21)
Navajo Nation citizen faces death penalty for murder of tribal officer (4/21)
Meskwaki Tribe diversifies economy with barbecue sauces and more (4/21)
Aquinnah Wampanoag Tribe must keep fighting despite gaming win (4/21)
Native Sun News Today: Body of missing Cheyenne River man found (4/20)
Ivan Star Comes Out: True tribal histories are concealed in America (4/20)
Steve Russell: Thoughts about sovereignty and tribal governments (4/20)
Dwanna Robertson: Dispelling a common myth about tribal gaming (4/20)
Whiteclay liquor stores ordered to shut down after losing licenses (4/20)
Cherokee Nation blames pharmaceutical industry for opioid crisis (4/20)
Eastern Cherokee citizens back chief amid call for impeachment (4/20)
North Carolina woman punished for abducting Cherokee children (4/20)
Ramapough Lenape Nation denied permit for anti-pipeline camp (4/20)
Ho-Chunk Nation remains confident as rival tribe sues over casino (4/20)
Nottawaseppi Huron Band invests casino funds in unique project (4/20)
Pechanga Band reaches midway point of $285M casino expansion (4/20)
more headlines...

Home | Arts & Entertainment | Business | Canada | Cobell Lawsuit | Education | Environment | Federal Recognition | Federal Register | Forum | Health | Humor | Indian Gaming | Indian Trust | Jack Abramoff Scandal | Jobs & Notices | Law | National | News | Opinion | Politics | Sports | Technology | World

Indianz.Com Terms of Service | Indianz.Com Privacy Policy
About Indianz.Com | Advertise on Indianz.Com

Indianz.Com is a product of Noble Savage Media, LLC and Ho-Chunk, Inc.