The chief irony here is that the destruction was wrought by the Economic Development Administration, an agency of the Commerce Department. Perhaps someone had the idea that replacing the smashed and burned computers would stimulate the economy.
It started when Homeland Security notified the EDA that they might have some malware in their system. According to Ars Technica:
“EDA’s CIO, fearing that the agency was under attack from a nation-state, insisted instead on a policy of physical destruction. The EDA destroyed not only (uninfected) desktop computers but also printers, cameras, keyboards, and even mice. The destruction only stopped—sparing $3 million of equipment—because the agency had run out of money to pay for destroying the hardware.”
You didn’t know that a computer mouse can be infected with malware? Well, that’s because it isn’t possible. This spree of destruction was driven by fear and ignorance.
According to the report, the idea that the malware represented any kind of purposeful attempt to breach the system was completely unsupported by the evidence. There was nothing special about the malware. “There were no signs of persistent, novel infections, nor any indications that the perpetrators were nation-states rather than common, untargeted criminal attacks.” On the other hand, an audit determined that the EDA’s system was so insecure that it would require no sophisticated attack to explain the presence of malware.
An outside contractor had repaired the infected machines and had fixed the problems. But they couldn’t absolutely guarantee there was no malware left anywhere in the system. Additionally, the EDA’s leadership demanded that they find a way to declare the system invulnerable to future malware attacks.
“The total cost to the taxpayer of this incident was $2.7 million: $823,000 went to the security contractor for its investigation and advice, $1,061,000 for the acquisition of temporary infrastructure (requisitioned from the Census Bureau), $4,300 to destroy $170,500 in IT equipment, and $688,000 paid to contractors to assist in development of a long-term response. Full recovery took close to a year. “
I have to admit, this story makes me hope. I would love it if the NSA would physically destroy all their hardware containing files that should never have been collected on Americans. However, I think it is much more likely that such incompetent, rather than purely destroying data, would make it available on the internet.
So again, we need to ask, is it wise to entrust all our private data to this syndicate? All our health records will soon be collected as Obamacare metastasizes. They will be managed by the IRS, which has a proven track record in data security. National security and public health are used as excuses to have all our lives managed by experts using databases. We often hear about how the government believes it must claim new authority over the internet in order to enhance cyber security. Apart from other possible intentions, is the Federal Government even capable of making us safe from cyber attack?
How do we know they won’t accidentally compromise cyber security when the try to protect it?