Ex-Programmer Sentenced For Planting Logic Bomb

Brian Prince eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved,

The code, inserted by a former employee, was designed to wipe out all data held by the US’ federal mortgage association

A former programmer was convicted this week of planting a malicious script on the servers of the US’ Federal National Mortgage Association, known as Fannie Mae, after he was fired.

Rajendrasinh Babubhai Makwana of Montgomery County, Maryland was found guilty by a federal jury on 4 October. A contract worker, Makwana was employed as a UNIX engineer at Fannie Mae’s Urbana, Maryland facility from 2006 to until he was fired on 24 October, 2008.

Malicious code

Five days later, a Fannie Mae senior engineer discovered a malicious script embedded in a routine program, authorities said. A subsequent analysis of the script, computer logs, Makwana’s laptop and other evidence revealed that he had planted the malicious code the day he was fired, and that it was intended to execute on 31 January, 2009.

The malicious code was designed to spread throughout Fannie Mae’s computer network and destroy all data, including financial, securities and mortgage information, authorities said.

“When a security incident of this nature occurs, we tend to file it away as an example of an employee gone bad,” said Todd Chambers, chief marketing officer at identity management firm Courion. “In reality, it constitutes a failure of the organisation to uphold its responsibility on behalf of the business to manage, control and monitor the power it provides to its employees and systems.”

Makwana is scheduled to be sentenced on 8 December, and faces a maximum of 10 years in prison.