As belts tighten and the credit crunch continues to hit around the world, more and more companies will be making the difficult decision to make staff and contractors redundant. But what happens when a disaffected former employee decides to leave your company a parting gift - in the form of data-destroying malware?
As belts tighten and the credit crunch continues to hit around the world, more and more companies will be making the difficult decision to make staff and contractors redundant. But what happens when a disaffected former employee decides to leave your company a parting gift - in the form of data-destroying malware?A computer programmer faces up to 10 years in prison, after being found guilty of planting a malicious script designed to do exactly that - destroy data from the servers of his employer US financial giant Fannie Mae.
Rajendrasinh Babubhai Makwana, 36, worked for three years at Fannie Mae's offices in Urbana, Maryland, as a software engineer contractor. A job that meant he had access to all of the company's almost 5000 servers.
Shortly after Fannie Mae terminated Makwana's employment at their 247,000 square foot Urbana Technology Center on October 24th, 2008, they found malicious code embedded on their systems - designed to wipe out all data on their network at 9:00am on January 31st, 2009.
According to prosecutors, anyone trying to log in to the network on January 31st would have received a message saying "Server Graveyard".
Not really what any financial firm would like to see first thing in the morning. Subsequent analysis of computer logs and Makwana's laptop revealed that he was the instigator of the malware.
So much emphasis is placed on external attacks on corporate networks, but don't overlook the havoc that an employee (or disgruntled former worker) could wreak. Makwana is scheduled to be sentenced on December 8th, and could face a maximum penalty of up to 10 years in prison.
Graham Cluley is senior technology consultant at Sophos, and has been working in the computer security field since the early 1990s. When he's not updating his award-winning other blog on the Sophos website, you can find him on Twitter at @gcluley. Special to Dark Reading.
About the Author(s)
You May Also Like
The fuel in the new AI race: Data
April 23, 2024Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024