Appeals court keeps Interior Department online

Interior Dept. wins reprieve after judge orders its computers disconnected from the Internet, citing security below "F."

Declan McCullagh
Declan McCullagh Former Senior Writer
Declan McCullagh is the chief political correspondent for CNET. You can e-mail him or follow him on Twitter as declanm. Declan previously was a reporter for Time and the Washington bureau chief for Wired and wrote the Taking Liberties section and Other People's Money column for CBS News' Web site.
2 min read
An appeals court has granted the Interior Department a reprieve after a lower court ordered it to sever the Internet connection of any computer that could hold data relating to American Indian trust accounts.

Citing abysmal security at the federal agency, U.S. District Judge Royce Lamberth in Washington on Thursday ordered that all computers or devices that "provide access" to American Indian trust data be disconnected from the Internet and the department's intranet.

As justification for the forcible disconnection, Lamberth wrote a 205-page opinion reviewing the department's lackluster computer security efforts. "Inspector General Devaney testified that he grades Interior's IT security an 'F'," Lamberth wrote, noting that another expert gave it a "G," one notch lower than an "F."

The U.S. Court of Appeals in Washington on Friday granted a temporary stay of the order and gave government attorneys until Oct. 27 to submit a full appeal.

In a brief emergency request to the appeals court earlier in the day, the Bush administration argued that Interior Department functions "will be gravely affected by such a cutoff" with wide-ranging effects on "contracting and procurement activities, financial management, education programs, royalties distributions, IT security, hiring and recruiting and public database access."

Thursday's order is the latest development in a long-running class action lawsuit in which thousands of American Indians accuse the federal government of cheating them out of some $100 billion by mismanaging timber, oil and other revenues arising from their land.

Lamberth first ordered the disconnection of some systems in December 2001, after a court-appointed special master noted the department had "no firewalls, no staff currently trained/capable of building and maintaining firewall devices" and no way to monitor network activity.

In one external-penetration testing of Interior Department systems, a contractor gained access to a database with information about "Indian Trust Systems." From there, the contractor was able to secure full administrator privileges on at least two servers.

Another war-driving test of the department's systems found "at least 700 wireless local area networks," even though the Interior Department reported no wireless-enabled laptops and no wireless adapter cards on an official inventory of devices. To perform the penetration analysis, testers rented a minivan and sat in the parking lot of one Interior Department building for two hours without being questioned by guards.

Lamberth's order says that Interior Department systems "necessary for protection against fires or other such threats to life, property or national security may remain connected."