14 DAY TRIAL // It’s well known that the United States government is highly concerned about the impact of cyberattacks on its systems. However, some government agencies tend to exaggerate when it comes to malware.
According to a report from the US Department of Commerce’s inspector general, the Economic Development Administration (EDA) doesn’t know how to handle a malware infection.
In December 2011, the US Computer Emergency Response Team (US-CERT) notified the Department of Commerce Computer Incident Response Team (DOC CIRT) that a potential malware infection was detected on the Department of Commerce’s systems.
EDA’s cybersecurity contractor was called in to evaluate the situation. After a 2-week investigation, the contractor determined that most of the detections were false positives, and couldn’t find any evidence of persistent malware or a targeted attack.
“However, EDA’s CIO concluded that the risk, or potential risk, of extremely persistent malware and nation-state activity (which did not exist) was great enough to necessitate the physical destruction of all of EDA’s IT components,” the report reads.
So, the EDA started destroying equipment. They managed to destroy $170,000 (€132,000) worth of IT components, including desktop computers, keyboards, TVs, cameras, printers and mice.
They stopped when their funds ran out, but they intended to destroy other equipment, valued at over $3 million (€2.33 million), once more funds would become available.
The inspector general concluded that the destruction was clearly unnecessary, especially since the EDA had spent over half of its budget for the fiscal year 2012 on the operation.
The US government is not the only one that makes bad decisions when it comes to malware removal. In April, we learned that a German Ministry of Education threw 170 computers in the trash just because they were infected with the Conficker malware.
The ministry considered it would be less expensive to buy new ones than to clean the malware from the old ones.