informa
/
Risk
News

TSA Hacker Sentenced To Prison

Former Transportation Security Administration worker Douglas Duchak pled guilty for trying to inject malicious code into government databases after he was fired.
Inside DHS' Classified Cyber-Coordination Headquarters
(click image for larger view)
Slideshow: Inside DHS' Classified Cyber-Coordination Headquarters
A judge has sentenced a former Transportation Security Administration (TSA) worker to two years in prison for trying to inject malicious code into federal databases after he was dismissed from his job.

Douglas James Duchak, 46, of Colorado Springs, Colo., was a contract worker with the agency when he tampered with TSA databases in 2009. He was charged last March with two counts of intentionally attempting to damage a protected computer and pled guilty Oct. 19.

Judge David M. Ebel, who handled the case for the U.S. Court of Appeals, Tenth Circuit, handed down his sentence Tuesday, according to the Department of Justice (DoJ) U.S. Attorney's Office in Colorado. He also ordered Duchak to pay $60,587.07 in restitution to the TSA.

Duchak was an employee at the TSA's Colorado Springs Operations Center (CSOC) from August 2004 through Oct. 23, 2009. He worked as a data analyst in charge of updating TSA computers with information received from the federal government's Terrorist Screening Database and the U.S. Marshal's Service Warrant Information Network.

On Oct. 22, 2009, seven days after he was told his employment would be terminated on Oct. 30, Duchak accessed a sensitive database and deleted instructional code necessary to format information received in connection with the arrest-warrant database, according to the DoJ.

At the time, he also injected unauthorized code into the CSOC server containing data from the U.S. Marshal's Service Warrant Information Network. The next day Duchak tried to load malicious code onto a server that contained the Terrorist Screening Database, investigators found.

Duchak's actions were detected several days later after his replacement observed what he believed to be unauthorized code in the system, according to the DoJ. The TSA then shut down the system to avoid any further damage.

Follow-up forensic work determined exactly when Duchak transmitted the code and provided more evidence of his actions.

Duchak caused loss aggregating $5,000 or more during a one-year period and, if his code had been executed, it could have created a situation threatening national security, the department said.

The TSA Office of Inspection, the Department of Homeland Security, the Office of the Inspector General, and the Federal Bureau of Investigation (FBI) worked together on the Duchak investigation.

Recommended Reading:
Editors' Choice
Kirsten Powell, Senior Manager for Security & Risk Management at Adobe
Joshua Goldfarb, Director of Product Management at F5