Audit shows agency destroyed computers, keyboards, mice over virus fear

[Hum]

WASHINGTON ?  In an almost cartoonish response to a relatively minor problem, employees at the obscure Economic Development Administration took a hammer to their computers, keyboards and mice to physically destroy every piece of technology they had after incorrectly believing their network had been hacked.

Not only was the reaction unorthodox and unnecessary, it cost $2.7 million in damages -- more than half the agency?s annual technology budget, according to a recently released inspector general report.  

The scathing audit also reveals that employees and contractors hired by the agency, which operates under the Commerce Department, repeatedly broke protocol and embarked on a series of bizarre blunders based on faulty information. Among them was the apparent assumption that a computer mouse can carry a virus.

An EDA spokesperson told FoxNews.com that the IT disruptions did not affect the agency?s work.

On Dec. 6, 2011, the U.S. Computer Emergency Response Team, which operates under the Department of Homeland Security, notified the Commerce Department that it detected a potential malware infection within the department?s computer system. Malware is software intended to damage or disable computer systems.

The EDA hired a cybersecurity contractor to look for malware on the agency?s computer systems. The contractor initially found evidence of corrupt software but concluded two weeks later that the findings were in fact false positives. But the EDA wanted a guarantee that its computer system was infection-free and that no malware could persist ? something nearly impossible to promise.

?External incident responders were unable to provide the assurance EDA?s CIO sought, because doing so involved proving that an infection could not exist rather than that one did not exist,? the report said.

Four months later, in April, the contractor told the agency he was unable to find ?any extremely persistent malware or indications of a targeted attack on EDA?s systems.?

By mid-May, EDA decided further forensic investigation would probably not lead to any new evidence. In the end, only six infected components were identified and according to the report, all easily fixable. But instead of taking that route, the EDA decided to physically destroy its hardware system.

more

[Max Norris]

Nuke it from orbit.  It's the only way to be sure.

[jren207]

Yeah, I use wipes on my mouse. You never know which germs will build up on it :shiftyninja: .

[Atomic Wanderer Chicken]

If the Govt is so worried about Malware, they should switch to Linux or Apple which are both very virus proof.

[Praetor]

Nuke it from orbit.  It's the only way to be sure.

 

while reading this article i though the very same thing :)

If the Govt is so worried about Malware, they should switch to Linux or Apple which are both very virus proof.

 

even that can't stop a virus from infecting a mouse or keyboard :laugh:

[McKay]

Here at work when we have to destroy "SECRET" Machines, we have to destroy EVERYTHING that was inside the main tower. We're not even allowed to re-use the RAM inside.

[Praetor]

Here at work when we have to destroy "SECRET" Machines, we have to destroy EVERYTHING that was inside the main tower. We're not even allowed to re-use the RAM inside.

 

even the PSU? because that doesn't even hold data...

that's a bit paranoid and spending-free mentality, isn't?

[DrJohnSmitherson]

Government

[Sadelwo]

This is what happens when employees watch "Terminator" marathons.

[Max Norris]

If the Govt is so worried about Malware, they should switch to Linux or Apple which are both very virus proof.

Neither one are in any way "virus proof."  Any operating system can get malware, there's no such thing.

[Atomic Wanderer Chicken]

Neither one are in any way "virus proof."  Any operating system can get malware, there's no such thing.

 

I meant less prone to viruses. A base Dell OptiPlex costs $400, compared to a Mac which is like $2000, thus is why the Govt, businesses, schools use PCs!  If our govt bought Macs, we would be in severe debt :woot:

[The Evil Overlord]

Well I'm truly screwed then, I use a g10 keyboard....

I'm going to miss that semi useless acreen. :cry:

[sn0wbl1tz]

I think that's too extreme. Get a antibacterial wipe and it will be good as new.

[webeagle12]

Seriously, what a morons from another planet.

[Gerowen]

This is nothing new for the feds.  Here's my contribution to this subject.

 

Having worked in government IT, most of you guys would be dumbfounded if not angry at how much money gets wasted on stupid crap by federal agencies.  Here are some examples from my experience, none of which I had the power to make the decisions on, I just dealt with it the best I could.

 

- Purchase several thousand Dell computers with Windows pre-installed, replace it with a separate volume license that was paid for by the base headquarters.  Over the years we've probably sent millions of dollars to Microsoft for unique, individual licenses for Windows XP-7 on computers that just got re-imaged with our own volume license as soon as they were handed down to us from higher.

- Buy tens of thousands of computers every year.  Dell Latitude D620 works fine for office work and has no major flaws.  Easy to work on, and last for a really long time.  As soon as the new model is released, replace every single one of them with Dell Latitude D630s (Refer to my first point about Windows licenses), which look exactly the same and don't really have drastic improvements made to the horsepower, especially since all they're going to get used for is powerpoint.  Year after that, E6500s (Again see first point about licenses), and so on and so on.

- Buy a dozen thousand foot boxes of ethernet wire before every field exercise because you know the officers are going to change their mind on TOC layouts every time you go to the field, so you've stopped even trying to pre-cut and number wires and have found it easier to just roll up the old ones, stuff them in a box for extra bits and pieces later and re-run 2,500 feet of fresh cabling every time you set up.

- Spend tens of thousands of dollars on kick-ass stack servers that come in tactical, air and water tight cases and host everything from domain control services to DNS to SharePoint and more.  Train soldiers up on how to deploy and maintain them.  Leave them in the connex for the entirety of a year long deployment because a separate set of servers had been bought and left at the area you took over. (Actually I took out the UPS units to keep our switches running when mortars knocked out power, so they weren't "totally" useless)  3 years later, toss them into a connex so they can rot because you bought newer servers that do the exact same thing, but run a different host OS so you have to re-train everybody on how to use the new system.

 

I could keep going, but you get the idea.

[thomastmc]

?External incident responders were unable to provide the assurance EDA?s CIO sought, because doing so involved proving that an infection could not exist rather than that one did not exist,? the report said.

 

In the end, only six infected components were identified and according to the report, all easily fixable. But instead of taking that route, the EDA decided to physically destroy its hardware system.

 

They HAL 9000'ed themselves :) 

 

Probably just a faulty logic center.

 

The novel explains that HAL is unable to resolve a conflict between his general mission to relay information accurately and orders specific to the mission requiring that he withhold from Bowman and Poole the true purpose of the mission. With the crew dead, he reasons, he would not need to be lying to them. He fabricates the failure of the AE-35 unit so that their deaths would appear accidental. 

This contradiction created a "Hofstadter-Moebius loop", reducing HAL to paranoia. Therefore, HAL made the decision to kill the crew, thereby allowing him to obey both his hardwired instructions to report data truthfully and in full, and his orders to keep the monolith a secret. In essence: if the crew were dead, he would no longer have to keep the information secret.

http://en.wikipedia.org/wiki/HAL_9000

[Yogurtmaster]

oh my... Yikes... How about some education there. 

[AJerman]

Hahaha, that's so awesome. I'm amazed that as common as computers are, so many people are still so clueless about them. What's $2.7 million wasted anyway? What's funny is I bet no matter what they destroyed, it wouldn't cost anywhere near $2.7 million to replace. So they probably wasted money by destroying them, then wasted more by spending way too much to replace them.

[fusi0n]

sometimes you just have to be sure..

[rfirth]

 They HAL 9000'ed themselves :)  

 

"This sort of thing has cropped up before, and it has always been due to human error." - HAL

[Brandon H Supervisor]

I meant less prone to viruses. A base Dell OptiPlex costs $400, compared to a Mac which is like $2000, thus is why the Govt, businesses, schools use PCs!  If our govt bought Macs, we would be in severe debt :woot:

/me looks back to the 90's when most schools used macs

(i was in elementary school in the mid-to-late 90's btw)