The case is the latest to highlight the challenge that businesses face in trying to protect corporate systems and networks from rogue insiders and those with privileged access to systems, such as contractors and business partners. Security analysts have warned about the from such users because of the broader disgruntlement resulting from layoffs and other belt-tightening steps companies have taken during the recession. .
Mario Azar, 28 of Upland, Calif., was charged with illegally accessing and compromising a computer system used by Pacific Energy Resources Ltd. (PER) to monitor offshore platforms in California and Anchorage to detect oil leaks. His indictment papers allege that Azar's actions affected the "integrity and availability" of the system and resulted in it becoming temporarily unavailable. Though no oil spill or environmental hazard resulted from the compromised system, Azar's actions caused thousands of dollars in damage, the indictment said.
Azar had set up multiple user accounts on the system while working for PER as a contract employee, the complaint said. Azar allegedly used those accounts to illegally gain access to the system after he stopped working for the company in May 2008. The indictment said Azar planted malicious programs on the system, but it provided no other details on the kind of software used, the nature of the damage or how his actions were discovered. Azar's actions appear to have been triggered by PER's refusal to grant him permanent employment at the company, the complaint said.
Wesley Hsu, the assistant U.S. attorney prosecuting the case in federal court for the Central District of California, said he could not provide further details on the sabotage, except to say that it caused thousands of dollars in damage. If convicted on the charge, Azar faces a maximum of 10 years in prison, he said.
The incident is similar to others involving sabotage and data compromises by privileged insiders. In some of the cases, the acts stemmed from disgruntlement tied to a work situation. In September 2007 for instance, a pleaded guilty in federal court to attempting to sabotage critical data, including medical histories and individual prescription drug data, on more than 70 servers. His actions stemmed from fears of being laid off, federal law enforcement officials said.
Last year, for the city of San Francisco locked up a crucial network for days by resetting administrative passwords.
In other cases, compromises have resulted when those with privileged access to corporate data and systems try to illegally profit from it. In July 2007, was found to have stolen personal records on more than 8.5 million customers. And in November 2006, a admitted to stealing trade secrets worth US$400 million from the company just before joining a rival.
Security analysts concede that dealing with such threats for companies and typically require the implementation of controls for monitoring and filtering network traffic, strict . Perhaps most important, the analysts said, is the need for a separation of duties among those who have wide-ranging control and access to critical IT assets, such as database, system and network administrators.