Group items tagged

A former Fannie Mae IT contractor has been indicted for planting a virus that would have nuked the mortgage agency's computers, caused millions of dollars in damages and even shut down operations. How'd this happen? The contractor was terminated, but his server privileges were not. Rajendrasinh Makwana was indicted on Tuesday in the U.S. District Court for Maryland (press report, complaint and indictment PDFs). From early 2006 to Oct. 24, Makwana was a contractor for Fannie Mae. According to the indictment, Makwana allegedly targeted Fannie Mae's network after he was terminated. The goal was to "cause damage to Fannie Mae's computer network by entering malicious code that was intended to execute on January 31, 2009." And given Fannie Mae-along with Freddie Mac-was nationalized in an effort to stabilize the mortgate market Makwana could caused a good bit of havoc. Makwana worked at Fannie Mae's data center in Urbana, MD as a Unix engineer as a contractor with a firm called OmniTech. He had root access to all Fannie Mae servers. The tale of Makwana malware bomb plot is a warning shot to all security teams and IT departments. Given the level of layoffs we've seen lately the ranks of disgruntled former employees is likely to grow. Is there any company NOT lopping off a big chunk of its workforce? And some of these workers may even have Makwana's access privileges and knowledge of the corporate network.