IT contractor indicted for sabotaging offshore rig management system
Company had refused to offer him a permanent job, feds say
Computerworld - An IT contract employee who formerly worked at an oil and gas production company in Long Beach, Calif., was indicted yesterday on charges of sabotaging a computer system he helped set up because the company did not offer him a permanent job.
The case is the latest to highlight the challenge that businesses face in trying to protect corporate systems and networks from rogue insiders and those with privileged access to systems, such as contractors and business partners. Security analysts have warned about the heightened threats such users pose to corporations because of the broader disgruntlement resulting from layoffs and other belt-tightening steps companies have taken during the recession.
Mario Azar, 28, of Upland, Calif., was charged with illegally accessing and compromising a computer system used by Pacific Energy Resources Ltd. (PER) to monitor offshore platforms in California and Anchorage and to detect oil leaks. The indictment papers allege that Azar's actions affected the "integrity and availability" of the system and resulted in it becoming temporarily unavailable. Though no oil spill or environmental hazard occurred while the system was compromised, Azar's actions caused thousands of dollars in damage, the indictment said.
Azar had set up multiple user accounts on the system while working for PER as a contract employee, the complaint said. Azar allegedly used those accounts to illegally gain access to the system after he stopped working for the company in May 2008. The indictment said Azar planted malicious programs on the system, but it provided no other details on the kind of software used, the nature of the damage or how his actions were discovered. Azar's actions appear to have been triggered by PER's refusal to grant him permanent employment at the company, the complaint said.
Wesley Hsu, the assistant U.S. attorney prosecuting the case in federal court for the Central District of California, said he could not provide further details on the sabotage, except to say that it caused thousands of dollars in damage. If convicted on the charge, Azar faces a maximum of 10 years in prison, he said.
The incident is similar to others involving sabotage and data compromises by privileged insiders. In some of the cases, the acts stemmed from disgruntlement tied to a work situation. In September 2007, for instance, a former Unix system administrator at Medco Health Solutions Inc. pleaded guilty in federal court to attempting to sabotage critical data, including medical histories and individual prescription drug data, on more than 70 servers. His actions stemmed from fears of being laid off, federal law enforcement officials said.
Last year, a disgruntled network administrator for the city of San Francisco locked up a crucial network for days by resetting administrative passwords.
In other cases, compromises have occurred when those with privileged access to corporate data and systems try to illegally profit from the fact that they have that access. In July 2007, a senior database administrator at Certegy Check Services Inc. was found to have stolen personal records on more than 8.5 million customers. And in November 2006, a scientist who had worked for 10 years at DuPont admitted to stealing trade secrets worth $400 million from the company just before joining a rival.
Security analysts concede that dealing with such threats can pose a huge challenge for companies and typically requires the implementation of controls for monitoring and filtering network traffic and the adoption of strict role-based access controls. Perhaps most important, the analysts said, is the need for a separation of duties among professionals who have wide-ranging control and access to critical IT assets, such as database, system and network administrators.