Actu
Sophos: Fannie Mae employee accused of planting malware Timebomb
January 2009 by Sophos
Sophos is reminding businesses of the importance of properly safeguarding IT networks following the news that a federal grand jury in Maryland, US, has indicted a 35-year-old ex-employee of Fannie Mae for planting a malicious script, designed to destroy data on the US financial giant’s servers.
According to media reports, Rajendrasinh Babubhai Makwana worked as a software engineer at Fannie Mae’s offices in Maryland for three years, where he is said to have had access to all of the company’s 4,000 servers.
During this time, Makwana, an Indian citizen who now resides in Virginia, is alleged to have embedded destructive code on the company’s server which was due to trigger at 9:00 am on 31 January 2009, wiping out all data across the network by overwriting it with zeroes. According to the prosecution case, anyone trying to log in to the network on 31 January would have received a message saying ’Server Graveyard’.
Documents presented to the court state that, Fannie Mae terminated Makwana’s employment in October 2008 - the malicious script was allegedly found the following day. If found guilty, Makwana could face a sentence of up to ten years in prison.
"Obviously this case is ongoing, with charges not yet proven against Makwana, but it should serve as a timely reminder to all companies as to what they should be prepared for," said Graham Cluley, senior technology consultant at Sophos. "Implementing a combination of robust user policies and security measures is crucial in order to safeguard their IT networks - and ultimately their business - against such incidents."
"As the credit crunch forces companies to tighten their belts around the world, more and more firms will be making the difficult decision to make staff redundant. But it’s important to remember that a disaffected employee could create havoc inside your organisation," continued Cluley. "We can only imagine the impact if an attack like this hadn’t been intercepted and had successfully struck a financial institution - with public confidence in the financial system at an all-time low, coupled with an unstable economy, the consequences would be dire."
"Had this malicious script executed, it would have probably caused millions of dollars of damage and reduced - if not shutdown - operations at Fannie Mae for at least one week," said FBI agent Jessica Nye in a sworn statement. "The total damage would include cleaning out and restoring all 4,000 servers, restoring and securing the automation of mortgages, and restoring all data that was erased."
