Bureaucracy in (in)action

Why am I not surprised by this? The Economic Development Administration (EDA) overreacted to being informed that they had malware on their internal system, to the point of physically destroying $170,500 of computer hardware (and would have destroyed more if they had not run out of budget to carry on that destruction).

US agency baffled by modern technology, destroys mice to get rid of viruses | Ars Technica.

In December 2011, the Department of Homeland Security notified both the EDA and the National Oceanic and Atmospheric Administration (NOAA) that there was a possible malware infection within the two agencies’ systems.

The NOAA isolated and cleaned up the problem within a few weeks.

The EDA, however, responded by cutting its systems off from the rest of the world—disabling its enterprise e-mail system and leaving its regional offices no way of accessing centrally held databases.

Tip: Richard Cornford

Our tipster notes that apparently a government agency has nobody in their employ who understands the difference between software and hardware? It’s not unreasonable to see an overreaction. The best IT people probably do not work for the government who tend to be paranoid about this sort of stuff. The article notes there were errors made but the agency acted unreasonably, in a very poor way.

COMMENTING ON SOMEONE ELSE'S SITE IS NOT A RIGHT, IT'S A PRIVILEGE. READ AND UNDERSTAND THE COMMENT POLICY BEFORE SUBMITTING. NONSENSE IS NOT PERMITTED.

  5 comments for “Bureaucracy in (in)action

  1. spookyparadigm
    July 9, 2013 at 10:35 PM

    Possible explanations (or a blend of all of the above)

    1. Corruption (see outgoing money to contractors)

    2. Idiocy, as you suggest

    3. Potential fears over unlikely but possible threats (and this is where the skeptic part is particularly important). Physical attacks through keyboards and the like DO happen. My university recently had a cheating scandal in which a student placed a keylogger physically in between the keyboard and CPU of a classroom computer, thereby gaining access to their professor’s credentials, and hijinks ensued (steps have and are being taken to deal with this, and no, they didn’t involve destroying equipment). I haven’t researched this, but my understanding is that there are in fact keyloggers disguised inside keyboards, so even basic visual inspection by a non-expert would not work.

    Further, if they really thought a foreign power was at work, well, that’s how Stuxnet worked. Stuxnet was supposedly developed by the Americans and the Israelis as a weapon to physically sabotage Iran’s nuclear processing facilities. The virus was tailor-made to attack these facilities, and was introduced in cybercafes etc. in the vicinity of the plants. Workers then brought it in inadvertently on flash drives, and away we go.

    I can easily imagine an over-reaction being based on knowledge these unlikely but possible threats.

  2. Nos482
    July 10, 2013 at 12:02 AM

    Looks like it’s time for my favourite sentence again:

    Exceptionally stupid people aren’t exceptional…but stupid. =P

  3. Halidom
    July 10, 2013 at 3:26 AM

    I always whack my computer with a hammer when I think it has virus/malware. Tried using a fly swatter but that didn’t give the same satisfaction level a hammer does. A friend says he just uses bug sprays but not knowing what bug your spraying makes that difficult.

  4. Brian
    July 10, 2013 at 7:58 AM

    “The Economic Development Administration (EDA) overreacted to being informed that they had malware on their internal system, to the point of physically destroying $170,500 of computer hardware…”

    I read it, read the comments, and actually had my mind…. stop…. and mutter “what…. the… ****?!” I have heard of viruses destroying computers (like overheating the cpu, spinning the hard drives till they self destructed- stuff like that)…. but this bunch of clowns DESTROYED THEIR OWN EQUIPMENT????

    Talk about rising to their level of incompetence! I feel sorry for the ones who had to stand by, horrified, and screaming “There are tools to fix this! TOOLS!!!!!”.

  5. Chris
    July 10, 2013 at 10:59 AM

    “The best IT people probably do not work for the government who tend to be paranoid about this sort of stuff.”

    It may depend on the type of government agency. NOAA is definitely more science oriented than an economic development group, plus they have some very high end computing, so they obviously have a better brand of IT folks. It could be just a completely type of mindset. Though I did go to our local NOAA’s open house, which is on the site of a former Navy base next to a large lake. The meteorologists are in a large office sitting on a series of desks with between two to three large flat screen computer displays each, and a whole row of windows with a drop dead view of the lake, and when the weather is clear the mountains to the east. It would seem obvious where a competent IT person would prefer to work.

    My brother does IT for the State Department. He joined them after retiring from the military (which is where he earned a Masters in computer science), mostly because he loves to travel. I would say that my brother is very competent in IT, which is why he has been stationed in some larger embassies. But he has noted that some of the smaller embassies get some fairly incompetent IT folk.

Comments are closed.