informa
2 min read
article

Worker Who Planted Malware Time Bomb At Fannie Mae Faces Prison

As belts tighten and the credit crunch continues to hit around the world, more and more companies will be making the difficult decision to make staff and contractors redundant. But what happens when a disaffected former employee decides to leave your company a parting gift - in the form of data-destroying malware?
As belts tighten and the credit crunch continues to hit around the world, more and more companies will be making the difficult decision to make staff and contractors redundant. But what happens when a disaffected former employee decides to leave your company a parting gift - in the form of data-destroying malware?A computer programmer faces up to 10 years in prison, after being found guilty of planting a malicious script designed to do exactly that - destroy data from the servers of his employer US financial giant Fannie Mae.

Rajendrasinh Babubhai Makwana, 36, worked for three years at Fannie Mae's offices in Urbana, Maryland, as a software engineer contractor. A job that meant he had access to all of the company's almost 5000 servers.

Shortly after Fannie Mae terminated Makwana's employment at their 247,000 square foot Urbana Technology Center on October 24th, 2008, they found malicious code embedded on their systems - designed to wipe out all data on their network at 9:00am on January 31st, 2009.

According to prosecutors, anyone trying to log in to the network on January 31st would have received a message saying "Server Graveyard".

Not really what any financial firm would like to see first thing in the morning. Subsequent analysis of computer logs and Makwana's laptop revealed that he was the instigator of the malware.

So much emphasis is placed on external attacks on corporate networks, but don't overlook the havoc that an employee (or disgruntled former worker) could wreak. Makwana is scheduled to be sentenced on December 8th, and could face a maximum penalty of up to 10 years in prison.

Graham Cluley is senior technology consultant at Sophos, and has been working in the computer security field since the early 1990s. When he's not updating his award-winning other blog on the Sophos website, you can find him on Twitter at @gcluley. Special to Dark Reading.