Thursday, January 13, 2011

TSA Worker Sentenced to Prison for Planting Malware in Screening Computer Network

In the continuing theater that is the Transportation Safety Administration screening procedures comes this dandy little tidbit.  Douglas Duchak, an employee at the TSA’s Colorado Springs Operations Center, was convicted of planting what has been described as a "logic bomb" or malware in the data base of the system used to screen airline passengers.

Security records show that Mr. Duchak, after learning he was being terminated in 2009, entered the facility late at night and injected the code into the database.  Luckily the program was found by other workers before it activated and scrambled records. 

Now do you feel safer?  One guy with a thumb drive and a few lines of code could have screwed up the whole nation's system for screening passengers, or worse, he could have changed a couple of critical records that might have changed the "no-fly" list. 

Perhaps the TSA might learn that when they are terminating someone, pay them for 2 weeks, but don't let them hang around, especially if they work in a sensitive area. 

No comments: