Page 1 of 2 12 LastLast
Results 1 to 10 of 15

Thread: US gov SMASHES UP TVs and MICE to nuke tiny malware outbreak

  1. #1
    Join Date
    Aug 2005
    Beans
    5,990

    US gov SMASHES UP TVs and MICE to nuke tiny malware outbreak

    http://www.theregister.co.uk/2013/07...lware_oig_eda/

    US gov SMASHES UP TVs and MICE to nuke tiny malware outbreak

    Yes, that's right. Computer mice and other kit destroyed in $2.7m scorched-earth op

    By John Leyden, 10th July 2013

    A US Department of Commerce agency has been chastised for spunking $2.7m chasing down a supposed major malware infection that was actually limited to a handful of PCs.

    The Economic Development Administration adopted a scorched earth policy - isolating itself from the internet before destroying more than $170,000 worth of equipment including printers, TVs, and even computer mice - in a comically inept attempt to resolve the phantom outbreak.

    The physical destruction of equipment only ceased after the department's disposal budget was exhausted. "The destruction of IT components was clearly unnecessary," the Office of the Inspector General’s (OIG) auditor said in an official report released last month.

    EDA’s CIO concluded that the risk, or potential risk, of extremely persistent malware and nation-state activity (which did not exist) was great enough to necessitate the physical destruction of all of EDA’s IT components.
    EDA’s management agreed with this risk assessment and EDA initially destroyed more than $170,000 worth of its IT components, including desktops, printers, TVs, cameras, computer mice, and keyboards. By August 1, 2012, EDA had exhausted funds for this effort and therefore halted the destruction of its remaining IT components, valued at over $3 million.

    EDA intended to resume this activity once funds were available. However, the destruction of IT components was clearly unnecessary because only common malware was present on EDA’s IT systems.

    The EDA, which promotes economic development in underperforming US regions, went into panic mode after receiving notification of a malware outbreak from the US Department of Homeland Security's CERT (Computer Emergency Response Team) in December 2011.

    The agency hired an outside security contractor, at an eventual cost of $823,000, in late January 2012. After some initial false positives, the contractor decided EDA's systems were mostly clean. Common-or-garden malware was found on six systems, a problem that could have been repaired by reimaging the affected machines. The unnamed "common malware [was] contained in archived e-mail attachments and temporary Internet browser files", according to OIG's report.

    Confusion and miscommunication meant that an outbreak reckoned by the Department of Commerce's computer security response team to be limited to two components was treated as something that had spread to more than half of the EDA's 250 computers. It was treated as an advanced persistent attack internally by the EDA, despite little evidence to substantiate this belief.

    EDA's CIO, fearing that the agency was under attack from foreign cyber-intelligence, isolated its systems from the net and initiated the policy of physical destruction. Unnecessary destruction of IT equipment alone cost $175,000.

    Staff were given temporary laptops requisitioned from the Census Bureau, along with internet access and interim e-mail capability in a programme that eventually cost $1.06 million. Entire mail servers were shut down, quite unnecessarily, because of some relatively innocuous malware on a small number of client PCs.

    The EDA also spent $688,000 on contractors to come up with a long-term response to the incident. The whole mess was eventually sorted out within five weeks, but even this process didn't begin until February 2013 – over a year after the initial incident. In total the agency spunked $2.7 million - more than half its 2012 annual IT budget - in grappling with the problem.

    The National Oceanic and Atmospheric Administration received the same notice from the CERT but came up with a far more measured response, isolating and cleaning up the problem by January 2012. In contrast, the EDA was still ineptly grappling with the problem until outside agencies stepped in during February the following year.

    Despite the wholesale trashing of perfectly good gear, the EDA is not wholly to blame for the mess. An inexperienced staffer in the CERT initially told the EDA that it was dealing with 146 infected components. This assessment was quickly revised downwards to just two infected items in a follow-up notice issued a day later, but, crucially, the EDA were not told that the initial notice was inaccurate and misleading.

    "EDA thought there were 146 infected components [which] influenced everyone’s perception of the incident and contributed to EDA’s unnecessary recovery and remediation activities," OIG explains. EDA took drastic actions through misplaced fears that the malware infection would spread to other government bureaux.

    "Deficiencies in the Department [of Commerce]’s Incident Response Program… significantly contributed to EDA’s inaccurate belief that it experienced a widespread malware infection," OIG explains. "Consequently, the Department of Commerce Computer Incident Response Team (DOC CIRT) and EDA propagated inaccurate information that went unidentified for months after EDA’s incident.”

    The OIG added:
    We found that DOC CIRT’s incident handlers did not follow the Department’s incident response procedures, that its handler for EDA’s incident did not have the requisite experience or qualifications, and that DOC CIRT did not adequately coordinate incident response activities.
    OIG is clear, however, that the main blame for the whole sorry episode rests with EDA, whose recovery efforts were misdirected and inept. "EDA focused its recovery efforts on replacing its IT infrastructure and redesigning its business applications. EDA should have concentrated its resources on quickly and fully recovering its IT systems (e.g. critical business applications) to ensure its operational capabilities."

    The auditor's report, Malware Infections on EDA’s Systems Were Overstated and the Disruption of IT Operations Was Unwarranted, can be found here (PDF, 33 pages, fairly large). The report notes that the EDA's IT infrastructure has been systematically mismanaged and insecure for years, with poor handling of patch management and other routine tasks. Many of these problems date back as far as early 2006. ®
    Last edited by mips; July 10th, 2013 at 03:44 PM.

  2. #2
    Join Date
    Aug 2005
    Beans
    5,990

    Re: US gov SMASHES UP TVs and MICE to nuke tiny malware outbreak


  3. #3
    Join Date
    Jul 2007
    Location
    Magic City of the Plains
    Beans
    Hidden!
    Distro
    Ubuntu Development Release

    Re: US gov SMASHES UP TVs and MICE to nuke tiny malware outbreak

    You mean my mouse is infected with malware? I thought it just needed a good cleaning! Lol

  4. #4
    Join Date
    Apr 2007
    Location
    Out in Left Field
    Beans
    915
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: US gov SMASHES UP TVs and MICE to nuke tiny malware outbreak

    Rodents did carry the bubonic plague so it would seem a typical conclusion of government officials to believe Computer mice could carry some dreadful infection also.
    MB: Asrock Extreme4-M CPU: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz Memory: Corsair Low Profile Vengeance 16.00 GB. GC On CPU HD4000 Platform: x86_64 Distribution:Ubuntu 14.04TrustyTahr with Cinnamon DE Boot: EFI File System:EXT4

  5. #5
    Join Date
    Apr 2005
    Location
    USA
    Beans
    Hidden!
    Distro
    Ubuntu Development Release

    Re: US gov SMASHES UP TVs and MICE to nuke tiny malware outbreak

    The greastest news story I have heard
    @mips: That pic is the perfect response to this phantom infections lol

  6. #6
    Join Date
    Mar 2008
    Beans
    1,219

    Re: US gov SMASHES UP TVs and MICE to nuke tiny malware outbreak

    Well, apparently they just wanted to spend their budget somehow. And since there were contractors involved who got about $1.5m in total, the question is who exactly were those contractors. The whole thing smells like a fraud scheme.

  7. #7
    Join Date
    Jun 2010
    Location
    London, England
    Beans
    6,769
    Distro
    Ubuntu Development Release

    Re: US gov SMASHES UP TVs and MICE to nuke tiny malware outbreak

    Quote Originally Posted by prodigy_ View Post
    Well, apparently they just wanted to spend their budget somehow. And since there were contractors involved who got about $1.5m in total, the question is who exactly were those contractors. The whole thing smells like a fraud scheme.
    That gets my vote. What evidence do we have that the hardware was destroyed and not re-sold? There is no such thing as a little corruption.
    It is a machine. It is more stupid than we are. It will not stop us from doing stupid things.
    Ubuntu user #33,200. Linux user #530,530


  8. #8
    Join Date
    Nov 2007
    Location
    Hurricane haven NC
    Beans
    Hidden!
    Distro
    Ubuntu 12.04 Precise Pangolin

    Talking Re: US gov SMASHES UP TVs and MICE to nuke tiny malware outbreak

    Quote Originally Posted by SuperFreak View Post
    Rodents did carry the bubonic plague so it would seem a typical conclusion of government officials to believe Computer mice could carry some dreadful infection also.
    Not all of them. I've had 3 mouse infestations over the years..If this were true, I'd have quite the medical bill..Well since our mice are linked to Linux, we are perfectly safe from infec
    A friendly & helpful Linux community who is also exploring Minecraft. Want to join us? Let us know.

    http://linuxinternationals.org/

  9. #9
    Join Date
    Jun 2009
    Location
    0:0:0:0:0:0:0:1
    Beans
    4,114
    Distro
    Xubuntu 13.04 Raring Ringtail

    Re: US gov SMASHES UP TVs and MICE to nuke tiny malware outbreak

    Quote Originally Posted by grahammechanical View Post
    That gets my vote. What evidence do we have that the hardware was destroyed and not re-sold? There is no such thing as a little corruption.
    very true

    This is the result of the government using baseline budgeting (you get a budget equal to what you spent last year plus ten percent)
    If you comment on that be careful with the no politics rule here
    Laptop: ASUS A54C-NB91 (Storage: WD3200BEKT + MKNSSDCR60GB-DX); Desktop: Custom Build - Images included; rPi Server
    Putting your Networked Printer's scanner software to shame PHP Scanner Server
    I frequently edit my post when I have the last post

  10. #10
    Join Date
    Dec 2010
    Beans
    Hidden!

    Re: US gov SMASHES UP TVs and MICE to nuke tiny malware outbreak

    Over react much? Then again, my mouse has a CPU that according to the web site is equivalent to a Pentium 1 system


    404
    404

    Come shoot the breeze with us on the Ubuntu Forums IRC channel - #ubuntuforums

Page 1 of 2 12 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •