Very interesting article by Bruce Schneier in yesterday’s Wall Street Journal.

Reminds me of a so-called “Glitch” which occurred with PayPal not long ago and was rumoured to have been the result of malicious coding by a disgruntled employee facing layoff.

Thwarting an Internal Hacker

Rajendrasinh Makwana was a UNIX contractor for Fannie Mae. On Oct. 24, he was fired. Before he left, he slipped a logic bomb into the organization’s network. The bomb would have “detonated” on Jan. 31. It was programmed to disable access to the server on which it was running, block any network monitoring software, systematically and irretrievably erase everything –and then replicate itself on all 4,000 Fannie Mae servers. Court papers claim the damage would have been in the millions of dollars, a number that seems low. Fannie Mae would have been shut down for at least a week.

Luckily –and it does seem it was pure luck – another programmer discovered the script a week later, and disabled it.

Insiders are a perennial problem. They have access, and they’re known by the system. They know how the system and its security works, and its weak points. They have opportunity. Bank heists, casino thefts, large-scale corporate fraud, train robberies: many of the most impressive criminal attacks involve insiders. And, like Makwana’s attempt at revenge, these insiders can have pretty intense motives – motives that can only intensify as the economy continues to suffer and layoffs increase.

Insiders are especially pernicious attackers because they’re trusted. They have access because they’re supposed to have access. They have opportunity, and an understanding of the system, because they use it – or they designed, built, or installed it. They’re already inside the security system, making them much harder to defend against.

read more