Department Of Commerce Wastes $2.7 Million On Overblown Cyber Security Threat

| by Sylvan Lane
article imagearticle image

The United States Department of Commerce destroyed more than $170,000 worth of computer equipment and spent more than $2.7 million responding to a cyber threat it believed to compromise the security of the Economic Development Administration’s cyber network. Unfortunately for the EDA, the threat was so vastly overblown, that the actions taken were “clearly unnecessary,” according to a report from the Department’s inspector general.

The Huffington Post reported:

“The agency, the Economic Development Administration, spent more than $2.7 million -- more than half its IT budget for the year -- responding to what it believed was a serious cyber attack, including hiring a contractor to further investigate.

“The inspector general's findings reflect what experts say is a broader problem in the federal government -- a shortage of employees with the necessary expertise to analyze and respond to cyber attacks in their network.

“Back in 2011, the Commerce Department's Computer Incident Response Team identified 146 pieces of IT equipment possibly infected when in fact just two showed signs of suspicious activity, the inspector general found.

“The inspector general attributed the ‘misunderstanding’ to ‘inaccurate analysis’ and ‘serious long-standing deficiencies’ in the agency's security program.”

These misunderstandings may be avoided if the federal government’s push to hire a larger cyber security force is successful.

According to a January report in The Washington Post:

“The Pentagon has approved a major expansion of its cybersecurity force over the next several years, increasing its size more than fivefold to bolster the nation’s ability to defend critical computer systems and conduct offensive computer operations against foreign adversaries, according to U.S. officials.”

“The move, requested by the head of the Defense Department’s Cyber Command, is part of an effort to turn an organization that has focused largely on defensive measures into the equivalent of an Internet-era fighting force. The command, made up of about 900 personnel, will expand to include 4,900 troops and civilians.”

Sources: The Huffington Post , United States Department of Commerce, The Washington Post,