Employees at a small job-development agency in the Commerce Department have now been without computers or Internet access for six weeks.
“Over the past several weeks, the Department of Commerce IT security team, US-CERT, and an external team of experts have been working with EDA to conduct tests and isolate the origin of the virus,”agency spokeswoman Cleve Mesidor said in a statement after the Post requested an update.
“While the forensic analysis takes time, the need for additional analysis is not standing in the way of restoration activities,” she said.
In other words, work is still getting done—$10 million in grants have been issued in the last six weeks, officials said — although how fast or efficiently is unclear.
The EDA cut off all of its computer networks on Jan. 20 after it became clear that the agency’s system was targeted. Cyber experts said such a prolonged outage points to hackers, possibly from a foreign country, who could be seeking access to business secrets behind the economic development grants the EDA awards to distressed communities around the country to create jobs. But Commerce officials say they still do not know the exact cause. The agency is not saying whether data were stolen.
Mesidor said the EDA’s technology team has set up a new e-mail server that is issuing new addresses, Blackberries and laptops to some employees. An interim Web site also was created.
The attack follows hacking of e-mail systems at the Defense and State departments in recent years and a serious attack on the computer system of the Bureau of Industry and Security, another Commerce bureau that handles sensitive information.
A recent report to Congress blamed China and Russia for an accelerating theft of information from the computer systems of U.S. government agencies, businesses and research institutions.
The Eye would like to hear from employees inside the agency about how they’re getting their work done. Please get in touch! Reinl@washpost.com.