Though the US military has been preparing itself for digital warfare, other government agencies still seem to be struggling with how to handle basic cybersecurity: last year, the Economic Development Administration within the Department of Commerce spent over half of its IT budget — more than $2.7 million — chasing down what appeared to be a major malware infection. The department destroyed over $170,000 worth of equipment in the process, including printers, TVs, and mice, and only stopped destroying them when its disposal budget ran out. But, as the department's own auditor put it, "The destruction of IT components was clearly unnecessary." Indeed, throwing away computer mice seems like a poor approach to ridding an organization of digital threats.
As it turned out, the malware was only present on two pieces of IT equipment — not on over half of the 250 pieces as the Commerce Department at large believed. In fact, some members of the department were even aware that this was the case, but a series of misunderstandings led to that never being fully conveyed. The audit recommends that the department prepare itself to "appropriately and effectively" respond to future digital security breaches — an important directive as cyber threats become increasingly prevalent.
Update: this article has been adjusted to clarify that it was the EDA with an IT budget of $2.7 million.