According to the DC Examiner a former contract worker with Fannie Mae has been indicted, and bailed, on charges of computer intrusion. It is alleged that Rajendrasinh Makwana dropped a virus into Fannie Mae software which had the potential to cause millions of dollars worth of damage if it had not been spotted in time. The computer engineer who had worked at Fannie Mae for some three years, had access to all 4000 servers at the company.
Fired on Jan 24th, apparently for changing settings without permission, Makwana is said to have attempted to hide a malicious script in the server software the same day that was coded to execute on January 31st. The script would have disabled the Fannie May monitoring systems and then disable access to all 4000 servers and delete all data. It was only by chance that the code was uncovered as only a total of 20 engineers had access to the server where it resided.
A FBI agent, Jessica Nye, says in her sworn statement that had it worked the total damage "would include cleaning out and restoring all 4,000 of [Fannie Mae’s] servers, restoring and securing the automation of mortgages, and restoring all data that was erased."
If found guilty, Makwana faces a maximum ten years in prison.
"Obviously this case is ongoing, with charges not yet proven against Makwana, but it should serve as a timely reminder to all companies." says Graham Cluley, senior technology consultant at Sophos. "As the credit crunch forces companies to tighten their belts around the world, more and more firms will be making the difficult decision to make staff redundant. But it's important to remember that a disaffected employee could create havoc inside your organisation."