And the Most Suspicious Behavior Award goes to....

By: jsrutstein
Published On: 11/28/2007 7:37:08 PM

This story from the Wall St. Journal via talkingpointsmemo.com deserves more attention.

Scott Bloch, the head of the White House's Office of Special Counsel, has been under investigation by the Inspector General of the Office of Personnel Management for a variety of infractions, including retaliating against employees who took issue with internal policies and discriminating against those who were gay or members of religious minorities.

Recently, investigators learned that Mr. Bloch erased all the files on his office personal computer late last year. They are now trying to determine whether the deletions were improper or part of a cover-up, lawyers close to the case said.

Bypassing his agency's computer technicians, Mr. Bloch phoned 1-800-905-GEEKS for Geeks on Call, the mobile PC-help service. It dispatched a technician in one of its signature PT Cruiser wagons. In an interview, [Bloch] confirmed that he contacted Geeks on Call but said he was trying to eradicate a virus that had seized control of his computer....

Mr. Bloch had his computer's hard disk completely cleansed using a "seven-level" wipe: a thorough scrubbing that conforms to Defense Department data-security standards. The process makes it nearly impossible for forensics experts to restore the data later. He also directed Geeks on Call to erase laptop computers that had been used by his two top political deputies, who had recently left the agency....

Geeks on Call visited Mr. Bloch's government office in a nondescript office building on M Street in Washington twice, on Dec. 18 and Dec. 21, 2006, according to a receipt reviewed by The Wall Street Journal. The total charge was $1,149, paid with an agency credit card, the receipt shows. The receipt says a seven-level wipe was performed but doesn't mention any computer virus.

Jeff Phelps, who runs Washington's Geeks on Call franchise, declined to talk about specific clients, but said calls placed directly by government officials are unusual. He also said erasing a drive is an unusual virus treatment. "We don't do a seven-level wipe for a virus," he said.


Comments



My opinion as an information technology pro... (Info_Tech_Guy - 11/30/2007 9:02:55 AM)
I'll tell you that this sort of hard drive scrubbing is clearly an attempt to erase data.

It has nothing whatsoever to do with virus removal...

I've been in different IT jobs using all manner of computers for over 15 years. Never, ever have I heard of such a procedure in response to a virus.

In the most extreme cases of viruses or malware, a reformat of the hard drive and complete reinstallation of the computer's operating system and application software is necessary. (I've done this before on more than a few occasions.)

Usually, with proper backup software in place, it's possible to pick an older "snapshot" or "backup" of the computer system and restore the hard disk to that "restore point" -- point in time when the data is intact and the virus was not present on the computer.

Bloch's actions are clearly part of a determined effort to destroy information on these computers.

Given the price paid for the hard disk scrubbing, I'd point out that it would probably have been more cost effective to simply replace every hard drive on every computer mentioned and replace the hard drives with new ones which would likely be higher storage capacity and faster than whatever was originally in the PCs.

It is very, very important to note that Bloch bypassed his agency's computer technicians. This is surely a violation of departmental guidelines. Such behavior in the corporate world would lead to serious consequences including employment termination. Such conduct in the military or on contract work for defense department projects would lead to criminal prosecution.

The fact that Bloch used agency funds to pay for this violation of policy is all the more reason why there should be serious repercussions. It's another reason why he should be investigated. Bloch misused public funds to facilitate this breach of policy.

Why would Bloch bypass his agency's computer technicians?

The answer is that they would have done as their departmental guidelines dictated (NOT what Bloch wanted done). The departmental IT staff would NOT destroy the data on the hard drives. They would have created backups of everything on the hard drives before doing anything else.

My expert opinion, as an IT professional (job titles include system administrator and software engineer experience on multiple computer platforms including Windows and UNIX) is that this was a deliberate effort to destroy information.



even more suspicious (jsrutstein - 11/30/2007 6:52:56 PM)
Today's Washington Post updates the story.  An excerpt is below.  First, I'll give my lay opinion.  I'd appreciate it if the commenter above or someone with expertise would comment.

It seems that he was using his work computer, a laptop, for both business and personal purposes.  It crashed, and because he suspected a virus, he called the non-government tech repair company to erase the hard drive.  At some point, he had personal files downloaded to a thumb drive.  He seems to be saying that erasing the non-personal files is not a problem, because they're stored on his agency's network's hard drives.  He doesn't recall asking that his two staffers' laptops also have their hard drives erased.  He claims his personal files are irrelevant to the investigation, and he refuses to turn over the thumb drive.  He seems to be accusing the government employees he was investigating concerning violations of the Hatch Act (This was in connection with the White House sending officials to federal agencies to encourage them to help Republican candidates before the '06 elections.) with leaking the information about the computer maintenance in order to thwart his investigation.  Meantime, the people who lodged complaints against Bloch, prompting the OPM IG's investigation, wonder if Bloch was ever serious about Bloch's own investigation of possible violations of the Hatch Act.

Bloch said in a written statement that the personal computer records requested by the OPM are not relevant to its investigation, which he earlier called a "fishing expedition."

Bloch's office confirmed a Wall Street Journal report that he had hired Geeks On Call, a commercial computer service, to "scrub" the hard drive of his computer, and that the technicians scrubbed the hard drives of laptop computers used by two aides. Bloch said he took that action after malfunctions led him to believe a virus was destroying his files.

But the process used by the technicians to wipe the hard drives, Bloch's office confirmed, was more thorough than necessary to kill a virus. The effort raised questions, two officials close to the case said, about whether Bloch was attempting to obstruct the OPM investigation -- an allegation that he denies.

Through a spokesman, Bloch said he does not recall ordering the erasure of data in the hard drives of laptops used by chief of staff J.R. Sanchez and another top aide who had left the agency. Bloch had asked that the files in his computer be encrypted and moved to a portable "thumb drive," which he carries on his keychain, his spokesman said.

This month, the Office of Personnel Management sent a letter to Bloch requesting access to his America Online account, which he uses for personal e-mail communication. The letter further asked him to surrender the files transferred to the thumb drive.

"The computer files were from the internal hard drive of my laptop, and did not include my official work files and e-mail, which are stored on the office network hard drives," Bloch said in the statement.

"After the laptop hard drive had crashed, which at the time I believed could have been caused by a virus, I wanted to protect my personal files. These included private personal and medical information, privileged communications with my personal attorney, my son's pictures from his tours in Iraq, Christmas lists, etc.," Bloch said.

"None of this is relevant to the investigation, nor has OPM IG [the office of the OPM's inspector general] informed me of any such allegations. Further, I am concerned that individuals close to the investigation leaked a document related to the computer maintenance with an intent to cast suspicion on me with no proof of any wrongdoing."

OPM spokesman Peter Graves said the agency will not comment on an ongoing investigation. Attorneys representing the staff members in the complaints against Bloch cited the latest dispute in calling for his resignation.

"At the time that he initiated this probe of Karl Rove, we thought he was doing this to make himself bulletproof so the White House could not take disciplinary action against him," said Debra Katz, an attorney for the staff members. Bloch denied that charge and said the Rove investigation is the responsibility of his office.



government property (Info_Tech_Guy - 12/3/2007 2:21:25 AM)
I think that the focus should be on the fact that the computers scrubbed are all government property. Rather than guessing at motives, Bloch has undoubtedly violated many policies, some of which surely leave open the possibility of serious sanctions including criminal prosecution.