Sunday, March 14, 2010
Feds: TSA Worker Tried to Sabotage Terror Database
A former Transportation Security Administration contractor is being charged in Colorado for allegedly injecting malicious code into a government network used for screening airport security workers and others.
Douglas James Duchak, 46, worked as a data analyst at the TSA’s Colorado Springs Operations Center, or CSOC, since 2004. On Oct. 15, he was given two weeks’ notice that his job would be terminated.
The CSOC network stores updated information from the government’s terrorist watchlist as well as criminal histories from the U.S. Marshal’s Service Warrant Information Network. Duchak’s job was to update the CSOC database as new information arrived from these two sources. The CSOC is used to vet people who have “access to sensitive information and secure areas of the nation’s transportation network.”
The malicious code was a "logic bomb" designed to cause damage and disrupt data on servers on an undisclosed date but was caught by other workers before it delivered its payload.
On Oct. 22, Duchak allegedly transmitted the malicious code onto a CSOC server that stored data from the U.S. Marshal’s Service, according to the indictment. The next day, he allegedly loaded malicious code to a server containing the Terrorist Screening Database. The source involved in the case said the servers “are part of the system that contains the no-fly list” and added that the code, if it had gone undetected, could have traveled to a facility in another state that uses a similar computer system.