A former programmer was convicted this week of planting a malicious script on Fannie Mae’s servers after he was fired.
Rajendrasinh Babubhai Makwana of Montgomery County, Md., was found guilty by a federal jury Oct. 4. A contract worker, Makwana was employed as a UNIX engineer at Fannie Mae’s Urbana, Md., facility from 2006 to until he was fired Oct. 24, 2008.
Five days later, a Fannie Mae senior engineer discovered a malicious script embedded in a routine program, authorities said. A subsequent analysis of the script, computer logs, Makwana’s laptop and other evidence revealed that he had planted the malicious code the day he was fired, and that it was intended to execute on Jan. 31, 2009.
The malicious code was designed to spread throughout Fannie Mae’s computer network and destroy all data, including financial, securities and mortgage information, authorities said.
“When a security incident of this nature occurs, we tend to file it away as an example of an employee gone bad,” said Todd Chambers, chief marketing officer at identity management firm Courion. “In reality, it constitutes a failure of the organization to uphold its responsibility on behalf of the business to manage, control and monitor the power it provides to its employees and systems.”
Makwana is scheduled to be sentenced Dec. 8, and faces a maximum of 10 years in prison.