A federal agency mistakenly destroyed $170,000 worth of computer equipment and nearly destroyed $3 million more because it thought it had a virus that turned out to be a false alarm.
Among the equipment that was destroyed, according to a recent Inspector General report, was printers, keyboards, mice, TVs, cameras, and computers.
Apparently, the only reason the other $3 million in equipment was spared was that the Economic Development Administration (EDA) ran out of money for the destruction project.
The bungled operation started when the Department of Homeland Security reported that monitoring software warned of a possible malware infection in the computer system on Dec. 6, 2011.
That started an almost comical chain of inept reactions.
A DHS response team notified the Commerce Department that it had detected the potential malware infection. The malware infection was traced to a National Oceanic and Atmospheric Administration computer. The report says that NOAA corrected the malware problem and put the system back into operation by Jan. 12, 2012.
But the report says that the EDA continued to assume its systems were infected. It took down the department's email and web access. It also blocked regional offices from accessing its database, apparently thinking a cyber attack had resulted in an extensive malware infection.
The Inspector General report found the EDA based its response decisions on inaccurate information, ineptitude delayed the response and misdirected planning hindered the system recovery.
Weeks of errant communications circulated inside several departments about the supposed malware infection and it was believed that nearly 150 systems were infected, even though that information was never verified.
The department then spent more than $800,000 to hire a cybersecurity contractor to respond to the incident. Within two weeks, the contractor found that initial indications of extremely persistent malware were false positives and not actual malware infections. The testing continued for another 10 weeks with no other malware finds.
Despite this, EDA management spent more than $1 million to build a temporary IT infrastructure. Then it decided to destroy more than $170,000 worth of its IT components. By August, 2012, it had run out of money and halted the destruction of its remaining IT components. EDA intended to resume the destruction once more funds were available.
The EDA ended up spending $2.7 million on the issue, more than half of its yearly IT budget. It then estimated that it would need more than $26 million over the next three years to fund further system recovery efforts.
The Economic Development Administration's mission is to lead the federal economic development agenda by promoting innovation and competitiveness.