Risk
3/11/2010
11:58 AM
50%
50%

Former TSA Worker Charged With Hacking

The Department of Justice indictment alleges that a former TSA employee tampered with servers containing data from the Terrorist Screening Database.

The Department of Justice has charged a Colorado man and former Transportation Security Administration (TSA) employee with trying to inject malicious code into TSA databases.

A federal jury indicted Douglas James Duchak, 46, of Colorado Springs, Colo., late Tuesday on two counts of intentionally attempting to damage a protected computer, according to a DoJ press release.

Duchak was an employee at the TSA's Colorado Springs Operations Center (CSOC) from August 2004 through Oct. 23, 2009. He worked as a data analyst in charge of updating TSA computers with information received from the federal government's Terrorist Screening Database and the U.S. Marshal's Service Warrant Information Network.

On. 22, 2009, seven days after he was told his employment would be terminated on Oct. 30, Duchak injected unauthorized code into the CSOC server containing data from the U.S. Marshal's Service Warrant Information Network, the DoJ alleges. That action comprises the first count of the indictment.

The next day he allegedly tried to load malicious code onto a server that contained the Terrorist Screening Database, the action comprising the second count.

If convicted, Duchak faces up to 10 years in federal prison, and a fine of up to $500,000 -- $250,000 per count.

Duchak surrendered to U.S. Marshals Wednesday morning and appeared in court in the U.S. District Court in Denver that afternoon. He pleaded not guilty and was released on a $25,000 bond, according to the court.

The TSA has been tightening the belt on security lately after TSA screeners failed to catch a man who attempted to blow up a U.S. flight from Amsterdam to Detroit on Christmas day.

The TSA Office of Inspection, the Department of Homeland Security (DHS) Office of the Inspector General, and the FBI investigated the case, which is being prosecuted by Assistant U.S. Attorney Patricia Davies.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2011-1793
Published: 2014-12-25
rendering/svg/RenderSVGResourceFilter.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted SVG document that leads to a "stale pointer."

CVE-2011-1794
Published: 2014-12-25
Integer overflow in the FilterEffect::copyImageBytes function in platform/graphics/filters/FilterEffect.cpp in the SVG filter implementation in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified ...

CVE-2011-1795
Published: 2014-12-25
Integer underflow in the HTMLFormElement::removeFormElement function in html/HTMLFormElement.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document con...

CVE-2011-1796
Published: 2014-12-25
Use-after-free vulnerability in the FrameView::calculateScrollbarModesForLayout function in page/FrameView.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaS...

CVE-2011-1798
Published: 2014-12-25
rendering/svg/RenderSVGText.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 does not properly perform a cast of an unspecified variable during an attempt to handle a block child, which allows remote attackers to cause a denial of service (application crash) or possibly have unknown othe...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.