Fannie Mae logic bomb would have caused shutdown and more!
A logic bomb allegedly planted by a former engineer at mortgage finance company Fannie Mae last fall would have decimated all 4,000 servers at the company, causing millions of dollars in damage and shutting down Fannie Mae for a least a week, prosecutors say.
Unix engineer Rajendrasinh Babubha Makwana, 35, was indicted in federal court in Maryland on a single count of computer sabotage for allegedly writing and planting the malicious code on Oct. 24, the day he was fired from his job. The malware had been set to detonate at 9:00 a.m. on Jan. 31, but was instead discovered by another engineer five days after it was planted, according to court records.
Makwana, an Indian national, was an employee of technology consulting firm OmniTech, but he worked full time on-site at Fannie Mae’s massive data center in Urbana, Maryland, for three years.
On the afternoon of Oct. 24, he was told he was being fired because of a scripting error he’d made earlier in the month, but he was allowed to work through the end of the day, according to an FBI affidavit in the case. “Despite Makwana’s termination, Makwana’s computer access was not immediately terminated,” wrote FBI agent Jessica Nye.
Five days later, another Unix engineer at the data center discovered the malicious code hidden inside a legitimate script that ran automatically every morning at 9:00 a.m. Had it not been found, the FBI says the code would have executed a series of other scripts designed to block the company’s monitoring system, disable access to the server on which it was running, then systematically wipe out all 4,000 Fannie Mae servers, overwriting all their data with zeroes.
I understand why IT departments consider it sound management to cut off someone’s privileges just before you fire them.