A virus has attacked the computer network of a job-development agency in the Commerce Department, forcing it to block employees from the Internet for nine days.
The attack, discovered two weeks ago, targeted computers at the Economic Development Administration, which is responsible for making business-development grants to distressed communities to help them create jobs.
Commerce Department officials said they have brought in a team of outside experts to help the agency’s security team restore the networks. But they do not know where the attack came from and how it penetrated government computers, officials said. Cyber-security experts said it is likely that hackers infiltrated the system.
“Out of an abundance of caution, EDA isolated its network systems by removing all network connectivity,” Commerce spokesman Brad Carroll said in a statement. A temporary, bare-bones Web site is providing contact information for the small agency and information on federal funding opportunities.
“Grant applications are being processed and customers are being served,” Carroll said.
The disruption was discovered Jan. 20; EDA computers were disconnected from the network last Tuesday.
It was unclear Thursday whether any data has been stolen and why the small, 215-person agency was targeted. Employees were advised how to protect their personal information, officials said.
In recent years, hackers have penetrated e-mail and other systems at the Defense and State departments, and launched a serious attack on the computer system of the Bureau of Industry and Security, another Commerce Department bureau that handles sensitive information.
“At this point, what is likely happening is they’re trying to find out who is attacking us, how can we get back online, and how do we make sure we get all of the bad guys out of the system,” said Alan Paller, research director of the SANS Institute, a cyber-training school in Bethesda.
The Commerce Department also suffered a wave of security breaches that compromised the names and Social Security numbers of some employees in late 2009 and early 2010. The department was faulted for not informing some employees until almost seven weeks after one breach.
A recent report to Congress blamed China and Russia for an accelerating theft of information from the computer systems of U.S. government agencies, businesses and research institutions. In the EDA’s case, confidential business secrets could have been the goal of the attack, computer security experts said.
“Something has to be really bad in order for the response to be, ‘Let’s disconnect from the Internet,’ ” said Jacob Olcott, a former counsel for the Senate Commerce committee who now works for Goodharbor Consulting, a cyber risk management company.
The EDA posted updates on its official Twitter account Jan. 25:
“EDA’s website is experiencing a disruption in service. The agency is working to address the issue and resume normal operations asap.” A similar message appeared the next day. There have been no other updates.