US Government Agency Seems to Think Computer Mice Can Carry Dangerous Malware
A day after President Barack Obama announced a "smart government" initiative to distract from his government's abuses and wastefulness, there is fresh evidence that our government is in fact braid dead stupid. Ars Technica reports on the case of the Economic Development Agency. The EDA, a part of the Department of Commerce, got word that its computer systems had become infected with some malware. Its response was the opposite of "Keep Calm and Carry On." Its response was to panic, run around randomly, and destroy stuff.
EDA's CIO, fearing that the agency was under attack from a nation-state, insisted instead on a policy of physical destruction. The EDA destroyed not only (uninfected) desktop computers but also printers, cameras, keyboards, and even mice. The destruction only stopped—sparing $3 million of equipment—because the agency had run out of money to pay for destroying the hardware.
The total cost to the taxpayer of this incident was $2.7 million: $823,000 went to the security contractor for its investigation and advice, $1,061,000 for the acquisition of temporary infrastructure (requisitioned from the Census Bureau), $4,300 to destroy $170,500 in IT equipment, and $688,000 paid to contractors to assist in development a long-term response. Full recovery took close to a year.
It's the cluelessness that's most alarming about all this. As the report points out, the IT folks at the EDA had no idea what they were dealing with, so they went nuts and wrecked things that didn't need wrecking. Those same IT folks have no idea what constitutes a real, bona fide threat to their systems. So they won't see one coming. They'll be too busy acid burning PC monitors and sledgehammering innocent mice.