Interesting People mailing list archives
TSA: Epic Fail (of infosec 101)
From: David Farber <dave () farber net>
Date: Thu, 11 Mar 2010 09:19:14 -0500
Begin forwarded message: From: Richard Forno <rforno () infowarrior org> Date: March 11, 2010 9:12:52 AM EST To: Undisclosed-recipients: <>; Cc: Dave Farber <dave () farber net>, Bruce Schneier <schneier () schneier com> Subject: TSA: Epic Fail (of infosec 101) Epic Fail!! For years we advise clients that if you're going to fire someone who has access to sensitive systems you cut off their access *before* you fire them, and you escort them from the building. So what did TSA do? Gave this guy two weeks' notice and did nothing about his access to sensitive national security systems. Theatrical Security Agency, anyone? -rick Former TSA analyst charged with computer tampering He allegedly tried to tamper with databases that track possible terrorists Robert McMillan (IDG News Service) 11 March, 2010 08:09 http://www.goodgearguide.com.au/article/339185/former_tsa_analyst_charged_computer_tampering/ A U.S. Transport Security Administration analyst has been indicted with tampering with databases used by the TSA to identify possible terrorists who may be trying to fly in the U.S. Douglas James Duchak, 46, was indicted by a grand jury Wednesday with two counts of damaging protected computers. According to a federal indictment, Duchak tried to compromise computers at the TSA's Colorado Springs Operations Center (CSOC) on Oct. 22, 2009, seven days after he'd being given two weeks notice that he was being dismissed. He was also charged with tampering with a TSA server that contained data from the U.S. Marshal's Service Warrant Information Network. He "knowingly transmitted code into the CSOC server that contained the Terrorist Screening Database, and thereby attempted intentionally to cause damage to the CSOC computer and database," prosecutors said Wednesday in a press release. Duchak, who had been with the TSA for about five years at the time, was responsible for keeping TSA servers up-to-date with information received from the terrorist screening database and the United States Marshal's Service Warrant Information Network. If convicted, Duchak faces 10 years in prison. He was expected to make his initial appearance in federal court in Denver Wednesday. ------------------------------------------- Archives: https://www.listbox.com/member/archive/247/=now RSS Feed: https://www.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com
Current thread:
- TSA: Epic Fail (of infosec 101) David Farber (Mar 11)