Hacking the Federal Logjam

No doubt you've seen the studies that show how social networking sites hurt productivity, and I am pretty sure you've read, heard or watched countless stories about how companies have tried to solve that problem. And you would have to be living in a cave in Bora Bora---specifically a cave without WiFi---to not know that when computers go down because of a denial of service attack or security breach, productivity takes a hit

However, some really shocking news that you've probably heard nothing about is turning what you think you know about that topic upside-down.

Some twelve weeks ago, the Economic Development Administration (EDA) was the target of a sophisticated hack attack. The EDA is a relatively tiny unit of the Department of Commerce, with only 215 employees, that makes grants to distressed communities from six regional offices. The hackers installed a virus that was so virulent the EDA was cut off from the rest of the Commerce Department, as well as the rest of government, and all its systems were shut down in order to prevent the virus from spreading through the system.

What's shocking about this attack is not that it happened; in recent months NASA, the Department of Defense and the State Department (to name a few) all experienced serious attacks. In fact, five years ago the Commerce Department's Bureau of Industry and Security was shut down by a hack. The Department of Homeland Security's U.S. Computer Emergency Readiness Team reported that the number of breaches in federal systems grew in four years from under 6,000 to over 44,000 in fiscal year 2011, the Washington Post reported.

None of that is surprising. Here's what is: Remarkably, despite the return to pre-historic fax-machine technology, the EDA seems to be functioning fairly well, perhaps even better in some ways. The Washington Post reported that as a result of the lack of cyber connectivity, human contact between bureaucrats and aid-seekers had increased dramatically, and things were actually getting done.

The beleaguered folks at the EDA still have no e-mail, no Google, and no Instant Messaging. Heaven forbid they have to use the US Post Office, to the extent it still exists. Also, they don't have access to their Facebook accounts, dating sites, Internet gaming, and, er..... more "inappropriate" forms of pictorial entertainment.

One can't help but recall that in 2010 it was reported that employees at the Securities Exchange Commission had been surfing some pretty graphic websites (and I don't mean National Geographic) as much as eight hours a day. Some of the employees who were exposed (forgive the pun) were earning more than $200,000 a year, and much of the activity uncovered had happened during the financial meltdown of 2008 and 2009. (Note: some federal employees do have access to Facebook and other social media sites at work, and others don't.)

So, why did this happen at the EDA of all places? Let's forget about the fact that the threat and reality of security breaches have now become part of the otherwise serene workaday world of government employees everywhere. It's simply is what is. Indeed, perhaps the most shocking thing about this attack is that the perpetrators knew there was such a thing as the EDA.

Why not go after one of the thirteen different government agencies which, according to USA Today, "fund 209 different science, technology, engineering and math (STEM) education programs - and 173 of those programs overlap with at least one other program." Better yet, why not one of the 1,271 government agencies that works on security and counter-terrorism? Or wouldn't the Bureau of Indian Affairs have been a more unique target? And how could they miss this one: the US Department of Agriculture, which granted $700,000 to the University of New Hampshire to study methane gas emissions from dairy cows? That investigation produced the earthshaking conclusion that, "Cows emit most of their methane through belching, only a small fraction from flatulence." OK, perhaps I should stop milking this theme.

I decided that I would conduct my own hypothetical investigation to try and answer the question of just who was behind this scurrilous attack. Mentally, I rounded up the usual suspects.

I instantly ruled out everybody's hacker of choice, the Chinese. Certainly, they would have no motive to stop the federal government from giving away more of the money that we borrowed from them in the first place, right? So, how about those fun-loving government disrupters who are aligned with "hacktivist" organizations? Naw... I just don't see them wanting to prevent aid from being given to distressed communities. The main-stream liberal community would be okay with narrowing the distance between the sources of government largesse and the people who actually need the money. Wait, could it be right-wing extremists? After all, they are pretty sensitive about the 78 to 81 card-carrying Communists in Congress---and I have no doubt that crew sees the EDA as yet another manifestation of Communism.

Try as I might, I just couldn't figure out who was responsible for this successful hack. On the one hand, the right must be pleased by the idea of shutting down government agencies one by one, or at least slowing the torrent of government grants. On the other, the left would be pleased by the newly responsive EDA's contact with its needy clientele. And everyone, I think, would be ecstatic that the employees of any given government agency could no longer socially network, or otherwise dillydally, on taxpayer time.

The truth is stranger than anything I can deduce from the facts in evidence here. The web-based tools of productivity out there may have some unplanned inefficiencies---Google docs, IM, email, etc---because on the other side of getting things done is having a wee bit too much free time, and that time can be spent using web-based tools of inefficiency. (There's also the notion that the speed afforded those with tools of productivity may be a tad faster than the speed of human thought and innovation.)

So, my final, unscientific conclusion is simply this: sometimes chance is the catalyst of evolution. Perhaps the country's fascination with Mad Men explains the phenomenon somewhat, which for lack of any fancy way of putting it, we might call good, old-fashioned face-to-face, phone-to-phone, people-powered productivity.

This story originally appeared on Credit.com.

Adam Levin Chairman and cofounder of Credit.com and Identity Theft 911. Adam’s experience as former director of the New Jersey Division of Consumer Affairs gives him unique insight into consumer privacy, legislation and financial advocacy. He is a nationally recognized expert on identity theft and credit. Reach Adam at creditexperts@credit.com.

More at Boing Boing

Ants and Stars: Bruce Sterling and Jasmina Tesanovic visit the Sardinia Radio Telescope in Italy

The Snowden Principle

EH

Please delete all sentences that include the pronoun “I” and resubmit.
- http://halfbakedmaker.org Robert Baruch
  
  What would you like it replaced with? “This author?”
  - Ihavenofuckingname
    
    The key words were ‘delete’ and ‘sentences’, not ‘replace’ and ‘words.’
    
    That said, I’d like those sentences replaced with whatever measurements of ‘productivity’ were used to substantiate these claims. That might get in the way of the author’s ill-advised thought experiment though.
  - EH
    
    No, I would prefer all the superfluous narrative blather be replaced by actual writing.
dragonfrog

Any evidence they really were targets of a “sophisticated hack attack?” Or is it just that someone accidentally brought in a random virus that their AV didn’t detect?

A typical modern, up-to-date desktop AV product will have about a 2/3 or 3/4 detection rate for new malware. Stuff that’s a month or two old will be detected pretty reliably, but new stuff just doesn’t get detected well.
- http://twitter.com/GideonTJones Gideon Jones
  
  I’m still looking for evidence that their productivity actually stayed the same, nevermind increasing. The linked article basically amounts to a a couple lines from the “old-timers” in the office reminiscing about phone books and secretaries.
LinkMan

Isn’t the cliche about caves in Tora Bora?

I don’t think Bora Bora is particularly known for its cave-dwellers.
jon_anon

Dear boingboing people behind the scenes,
Are we allowed to know the nature of these reprinted posts from credit.com? Are they paid stories? Their appearance on the blog isn’t credited to any of the usual frontpagers, and the author isn’t a guest poster. Of course you can tell me to mind my own business; this isn’t a demand but a request, out of curiosity and a wish (not a demand) for transparency.
- greebo
  
  I decided to conduct my own hypothetical investigation of what the BoingBoing team are up to here, and my own unscientific conclusion is that they’re trying to create a contrast to remind us how good the usual standard of writing here is.
  - jon_anon
    
    Sounds about right. In fact it has served to remind me that all the websites I go to each day are well-written and smart, but that there is a whole Ye Worlde of Shytte beyond my own little myopic boundary, where things do not have to make sense.
- Mark_Frauenfelder
  
  Hi Jon. The various authors and editors of of credit.com write for Boing Boing on occasion. Sometimes they write original pieces, other times Boing Boing reruns a piece that appeared on credit.com. Boing Boing and credit.com do not pay or get paid to do this. I like the folks at credit.com and I like the articles they run on their website.
  
  Also, I sometimes write pieces for credit.com and I get paid as a freelancer for doing so.
  
  I hope that clears things up!
James Pringle

Perhaps the author, instead of being so snide about a study of cow farts, should briefly investigate whether livestock methane emissions are an important source of methane, a potent greenhouse gas. They are, and it is a significant impact on global climate. They are important, and worth understanding. Real people doing important research suffer when lazy people assume they are being stupid without doing any research. I know the woman who is doing this research, and she got harassed by people who thought she was just defrauding the government. (post edited to make clear who is suffering…)
- http://twitter.com/Listener43 Listener43
  
  “They are important, and worth understanding. Real people doing real research that helps society suffer when lazy people assume someone else is being stupid.”
  Perhaps I’m being obtuse, but why do we want real people doing real research that helps society suffer? Frankly, whether lazy people assume one thing or another shouldn’t even enter into the equation.
  (OK, strike the “Perhaps” above.)
  - Ihavenofuckingname
    
    They only help society suffer when lazy people assume someone else is being stupid.
    
    So the solution is clearly to stop lazy people from assuming someone is being stupid. But really, I think this is maybe a punctuation issue. Except I don’t know how to fix it with punctuation.
    
    …which is a problem of a stupid person assuming someone is lazy. Crap.
    - James Pringle
      
      Sigh… I meant to say that the researchers suffer… post edited to improve clarity…
      - Ihavenofuckingname
        
        I understood, and totally agree with your post. Just having a little fun ;)
- ocker3
  
  And figuring out Which end of a cow the pollution comes from probably involves an explanation of Why, How, etc.
  
  I know they’re looking at trying to get a bacteria (or some kind of intestinal flora) working in cows that’s in kangaroos, as it cuts down on methane emissions. Understanding the whole process takes study and $700,000 is a drop in the bucket when it comes to a big study.
  
  Here in Australia a local river’s health was dropping, and the council asked a scientist to study it. He asked for 4 million dollars to educate the farmers, industry, tourism operators and turn the problem around. They asked him what he could do with 1 million. He said “watch it happen.”
  
  Really serious science often involves really serious money.
BrianOman

Wait, so the conclusion is a tangent of the original proposition, and does nothing to find an answer to the posed question?
Great writing there…