Interior officials accused of covering up IT security flaws

 

Connecting state and local government leaders

Senior Interior Department officials have been accused of threatening to demote the Bureau of Land Management's CIO in a bid to deter her and other federal employees from testifying forthrightly about the department's IT security flaws.

Senior Interior Department officials have been accused of threatening to demote the Bureau of Land Management's CIO in a bid to deter her and other federal employees from testifying forthrightly about the department's IT security flaws.Plaintiffs in a long-running lawsuit over funds the department holds in trust for American Indians asked the U.S. District Court for the District of Columbia to charge Interior Secretary Gale Norton, Department CIO Hord Tipton and others with civil and criminal contempt for retaliating against the bureau's CIO, Ronnie Levine.The court now has heard more than 50 days of testimony in a hearing intended to determine whether the court should order Interior's systems to be disconnected from the Internet again [GCN, April 5, 2004, Page 5], as the plaintiffs in the case of Cobell vs. Norton have requested.Judge Royce Lamberth is under no deadline to rule on the latest episode'the request to disconnect Interior's systems from the Internet or the claim of contempt'of this 9-year-old saga.Lamberth first severed nearly all the department's Internet links in December 2001 to protect trust data from hacking.Since then, department officials have obtained Lamberth's permission to reconnect most of their systems after having upgraded their security.A key point in the current hearing has been whether department IT officials have been honest in their testimony and with other evidence presented to the court about their efforts to upgrade the department's IT security. The plaintiffs, who represent some 500,000 American Indians seeking to recover upwards of $100 billion missing from the trust funds, contend that the department consistently has tried to mislead the court and conceal IT security flaws. They claim that faulty IT exposes the funds to theft and makes it impossible to account for them.According to the plaintiffs, Levine resisted efforts by Interior higher-ups to misrepresent Interior's IT security. Department officials retaliated by filing a negative report on her job performance, according to hearing testimony.According to the plaintiff's court filing last week, Levine took the stand July 1 and was visibly upset and unable to testify. 'The court and the plaintiffs then learned from the Department of Justice that Ms. Levine had been told, mere hours before she was to resume the stand, that she had been removed as bureau CIO.'BLM officials in Levine's office said last week that she was still in place as the bureau's CIO. Levine and Interior Department officials were not available to comment on her testimony that she had been told of her transfer to a less important job on July 1, or on the request for contempt charges. BLM spokesman Ken Greenberger referred inquiries to Levine.According to the recently unsealed testimony, Levine met with Larry Benna, BLM's deputy director for operations, at 12:30 p.m. on July 1. When Benna asked her how she was doing in court, Levine told the judge, 'I said, 'I think I'm done,' you know, and I was going to say more, but then he interrupted and he says, 'Oh well, ... we're moving you to Eastern States.' 'The plaintiffs contend that Benna told Levine about her removal and transfer to a less important job only after her testimony, to hide the retaliation from Lamberth.'Secretary Norton's senior managers viciously punished Ms. Levine for no reason other than providing truthful information to this court,' the plaintiffs told Lamberth. 'They did not do so by mistake.'The plaintiffs cited the department's 'vindictive nature and chilling effect' of the alleged retaliation on other department employees.Interior officials reject charges that its IT security is lax, both in court testimony and in other public statements.'What is telling in all this is there has never been evidence presented that there has ever been an intrusion in the department's systems that has been accomplished by anyone who was not an agent of the federal government or the court,' said Interior spokesman Dan Dubray.Various systems experts under contract to the court and the department have penetrated Interior's systems.The most recent report on Interior's IT security flaws came from the department's inspector general. Auditors reported that the systems are so easy to penetrate that they potentially could cause 'severe or catastrophic' problems.Computer specialists working for the IG pinpointed 24 servers that hold Indian trust data and said they were able to penetrate two servers and gain full, undetected access to the Bureau of Land Management's internal networks and intranet.Levine had clashed with her Interior supervisors over whether those systems should be certified as secure, according to her testimony.The auditors made several systems security recommendations, saying that if BLM did not adopt them quickly, it should disconnect its systems from the department's networks. Levine also sought to isolate vulnerable systems, according to testimony.Other evidence suggests Interior's systems are less than secure. The department earned a C+ grade for security on the House Government Reform Committee's 2004 Federal Information Security Management Act evaluation. And according to the Office of Management and Budget's 2004 FISMA Report to Congress, the department did have a verified plan of action and milestones for improving its computer security, but its certification and accreditation process earned only a 'satisfactory' evaluation.'The thing to remember is that we asked the IG to do this study,' said Tina Kreisher, Interior's communications director. 'We are concerned about IT security. This study was a way of helping to test it. As this plays out and we discover flaws, we fix them.'

INDIAN TRUST CASE: Plaintiffs have asked the court to charge Interior CIO Hord Tipton with civil and criminal contempt.

Rick Steele









































Or else...





X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.