TSA Worker Tried to Sabotage Terror Database

March 12, 2010

A former Transportation Security Administration contractor is being charged for allegedly injecting malicious code into a government network used for screening airport security workers and others, says an AP report.

The malicious code, a logic bomb installed last October, was designed to cause damage and disrupt data on servers on an undisclosed date but was caught by other workers before it delivered its payload. Douglas James Duchak had worked as a data analyst at the TSA’s Colorado Springs Operations Center, or CSOC, since 2004.

The CSOC is used to vet people who have “access to sensitive information and secure areas of the nation’s transportation network,” according to the report. The CSOC network stores updated information from the government’s terrorist watchlist as well as criminal histories from the U.S. Marshal’s Service Warrant Information Network.

Duchak’s job was to update the CSOC database as new information arrived from these two sources, the report says. But on Oct. 15, he was given two weeks’ notice that his job would be terminated. About a week later, the report says he allegedly transmitted the malicious code onto a CSOC server that stored data from the U.S. Marshal’s Service, according to the indictment (.pdf). The next day, he allegedly loaded malicious code to a server containing the Terrorist Screening Database.

He has been charged in the U.S. District of Colorado with two counts of attempting to cause damage to a protected computer.

Microsoft’s Edna Conway, Chief Security and Risk Officer of Azure, will lead this session and provide a real-world, tangible approach to address security and resilience to support you in your journey to operational resilience.

Protecting employees from potential exposure could be a daunting task, but with the right property technology, your office space can become an interactive and responsive asset that helps you ensure new health protocol compliance.