Sometimes I like to cleanse the palette with a lighthearted feel-good story. A little over a year and a half ago, Department of Homeland Security (DHS) alerted the Economic Development Administration (EDA) and the National Oceanic and Atmospheric Administration (NOAA) of potential security breaches with their hardware. NOAA handled their clean-up well, EDA seemed to apply the logic commonly reserved for diseased cattle. I guess this counts?
Ultimately, it was paranoia that harmed the EDA. They spent a million dollars hiring an external firm to sanitize, secure, and guarantee immunity against malicious software. Unsatisfied with the lack of results under the final mandate, the EDA decided to destroy any hardware adjacent to any contamination.
Computers… printers… cameras… keyboards… mice…
$170,500 USD of hardware was demolished and almost a year was spent getting back on track. A further $3 million worth of equipment would have reached the same fate if the budget had not run out. This news was made public during their audit, released last month, by the Department of Commerce. The infections, discovered through this cleansing, were common malware and not a targeted attack.
The final cost of this overreaction was $2.7 million.