As belts tighten and the credit crunch continues to hit around the world, more and more companies will be making the difficult decision to make staff and contractors redundant. But what happens when a disaffected former employee decides to leave your company a parting gift - in the form of data-destroying malware?

Graham Cluley, Contributor

October 7, 2010

2 Min Read

As belts tighten and the credit crunch continues to hit around the world, more and more companies will be making the difficult decision to make staff and contractors redundant. But what happens when a disaffected former employee decides to leave your company a parting gift - in the form of data-destroying malware?A computer programmer faces up to 10 years in prison, after being found guilty of planting a malicious script designed to do exactly that - destroy data from the servers of his employer US financial giant Fannie Mae.

Rajendrasinh Babubhai Makwana, 36, worked for three years at Fannie Mae's offices in Urbana, Maryland, as a software engineer contractor. A job that meant he had access to all of the company's almost 5000 servers.

Shortly after Fannie Mae terminated Makwana's employment at their 247,000 square foot Urbana Technology Center on October 24th, 2008, they found malicious code embedded on their systems - designed to wipe out all data on their network at 9:00am on January 31st, 2009.

According to prosecutors, anyone trying to log in to the network on January 31st would have received a message saying "Server Graveyard".

Not really what any financial firm would like to see first thing in the morning. Subsequent analysis of computer logs and Makwana's laptop revealed that he was the instigator of the malware.

So much emphasis is placed on external attacks on corporate networks, but don't overlook the havoc that an employee (or disgruntled former worker) could wreak. Makwana is scheduled to be sentenced on December 8th, and could face a maximum penalty of up to 10 years in prison.

Graham Cluley is senior technology consultant at Sophos, and has been working in the computer security field since the early 1990s. When he's not updating his award-winning other blog on the Sophos website, you can find him on Twitter at @gcluley. Special to Dark Reading.

About the Author(s)

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights