A former software engineer at troubled mortgage
firmFannie Maehas been
accused of hiding malware on the company's network which could have
caused millions of dollars of damage.
According to court documents,the malicious scriptwould have
affected 4,000 servers andcould have shut operations at Fannie Mae
for at least a week.
Rajendrasinh Makwana, who was fired by the firm in October, was
indicted on computer intrusion charges and is accused of planting
the malicious code to go live on January 31.
According to the prosecution case, anyone trying to log in to
the network after that day would have received a message saying
"server Graveyard".
FBI agent Jessica Nye
said in a
statement that Makwana had worked at Fannie Mae for three years
as a computer engineer at its officesin Urbana,where he had full
access to all of the federally created mortgage company's 4,000
servers.
"Had this malicious script executed, engineers expect it would
have caused millions of dollars of damage andreduced, if not
shutdown, operations at the firmfor at least one week. If this
script wereexecuted, the total damage would include cleaning out
and restoring all 4,000 servers, restoring and securing the
automation of mortgages, and restoring all data thatwas
erased."
Graham Cluley, senior technology consultant at
Sophos, said
this should serve as a timely reminder to all companies as to what
they should be prepared for. "Implementing a combination of robust
user policies and security measures is crucial in order to
safeguard their IT networks -and ultimately their business -against
such incidents."
"As the credit crunch forces companies to tighten their belts
around the world, more and more firms will be making the difficult
decision to make staff redundant. But it's important to remember
that a disaffected employee could create havoc inside your
organisation," he added.
Recession means businesses face greater security threat, says
McAfee >>