IT contractor indicted for sabotaging offshore rig management system
Company had refused to offer him a permanent job, feds say
Computerworld - An IT contract employee who formerly worked at an oil and gas production company in Long Beach, Calif., was indicted yesterday on charges of sabotaging a computer system he helped set up because the company did not offer him a permanent job.
The case is the latest to highlight the challenge that businesses face in trying to protect corporate systems and networks from rogue insiders and those with privileged access to systems, such as contractors and business partners. Security analysts have warned about the heightened threats such users pose to corporations because of the broader disgruntlement resulting from layoffs and other belt-tightening steps companies have taken during the recession.
Mario Azar, 28, of Upland, Calif., was charged with illegally accessing and compromising a computer system used by Pacific Energy Resources Ltd. (PER) to monitor offshore platforms in California and Anchorage and to detect oil leaks. The indictment papers allege that Azar's actions affected the "integrity and availability" of the system and resulted in it becoming temporarily unavailable. Though no oil spill or environmental hazard occurred while the system was compromised, Azar's actions caused thousands of dollars in damage, the indictment said.
Azar had set up multiple user accounts on the system while working for PER as a contract employee, the complaint said. Azar allegedly used those accounts to illegally gain access to the system after he stopped working for the company in May 2008. The indictment said Azar planted malicious programs on the system, but it provided no other details on the kind of software used, the nature of the damage or how his actions were discovered. Azar's actions appear to have been triggered by PER's refusal to grant him permanent employment at the company, the complaint said.
Wesley Hsu, the assistant U.S. attorney prosecuting the case in federal court for the Central District of California, said he could not provide further details on the sabotage, except to say that it caused thousands of dollars in damage. If convicted on the charge, Azar faces a maximum of 10 years in prison, he said.
The incident is similar to others involving sabotage and data compromises by privileged insiders. In some of the cases, the acts stemmed from disgruntlement tied to a work situation. In September 2007, for instance, a former Unix system administrator at Medco Health Solutions Inc. pleaded guilty in federal court to attempting to sabotage critical data, including medical histories and individual prescription drug data, on more than 70 servers. His actions stemmed from fears of being laid off, federal law enforcement officials said.
Last year, a disgruntled network administrator for the city of San Francisco locked up a crucial network for days by resetting administrative passwords.
In other cases, compromises have occurred when those with privileged access to corporate data and systems try to illegally profit from the fact that they have that access. In July 2007, a senior database administrator at Certegy Check Services Inc. was found to have stolen personal records on more than 8.5 million customers. And in November 2006, a scientist who had worked for 10 years at DuPont admitted to stealing trade secrets worth $400 million from the company just before joining a rival.
Security analysts concede that dealing with such threats can pose a huge challenge for companies and typically requires the implementation of controls for monitoring and filtering network traffic and the adoption of strict role-based access controls. Perhaps most important, the analysts said, is the need for a separation of duties among professionals who have wide-ranging control and access to critical IT assets, such as database, system and network administrators.