Advertisement
Promo

Security threats Toolkit

Fannie Mae contractor indicted for planting malware

Larry Dignan ZDNet.com

Published: 30 Jan 2009 17:20 GMT

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

A former Fannie Mae IT contractor has been indicted for allegedly planting a malware bomb on the US mortgage agency's systems.

The piece of malicious code, timed to execute next January, would have destroyed all the data on Fannie Mae's servers and caused millions of dollars of damage, the FBI alleges.

Contractor Rajendrasinh Makwana was indicted on Tuesday in the US District Court for Maryland. The FBI alleges that Makwana was able to plant malicious code in Unix script on Fannie Mae's servers due to his access privileges not being revoked immediately following his dismissal.

Makwana, who had been contracted out from software development company Omnitech, worked for Fannie Mae from early 2006 until 24 October, 2008. According to a criminal complaint lodged by the FBI, Makwana allegedly targeted Fannie Mae's servers after his contract was terminated. Malicious code found on the servers after Makwana was sacked was set to execute on 31 January, 2009.

Makwana worked at Fannie Mae's datacentre in Urbana as a Unix engineer. He had root access to all of Fannie Mae servers. According to the FBI complaint, Makwana had been informed of his dismissal in the afternoon of 24 October, 2008, while his access privileges were revoked on that evening.

Writing in a blog post on Thursday, Sophos senior technology consultant Graham Cluley warned that companies laying off staff due to the worsening global conditions should think about possible security risks from disgruntled ex-employees.

"As belts tighten and the credit crunch continues to hit around the world, more and more companies will be making the decision to make staff redundant," wrote Cluley. "As we've written before, a disaffected employee could create havoc inside your organisation so make sure that appropriate security is in place."

ZDNet UK's Tom Espiner contributed to this article.

Credit: Fannie Mae IT contractor indicted for planting malware; Mortgage giant didn’t revoke server privileges from ZDNet.com

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
7 out of 7 people found this useful


In association with HP

Talkback

Post a comment


Full Talkback thread

3 comments

  1. That place needs big time cleanup! anitajojo
  2. WHITELIST IT - AND KEEP MALWARE OUT! lumension
  3. Surely they were authorised applications but... Yellowcave

Related Links

More In Security threats


Company/Topic Alerts

Create a new alert from the list below:





Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

McKinnon lawyers seek judicial review

Lawyers seeking a judicial review for Nasa hacker Gary McKinnon lodged fresh evidence of his psychiatric state at the High Court on Thursday. Karen Todner, McKinnon's solicitor,... More

1 comment

Beware of keeping your head in the clo...

Information security professionals can look forward to a deepening appreciation for their skills as security continues to be recognised as an essential element for doing business in... More

1 comment

Civil liberties groups attack file-sha...

Civil liberties and digital rights organisations have strongly criticised Lord Mandelson's Digital Economy Bill. Liberty said in a position paper on Tuesday that the bill, part of... More

Post a comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters