An attempt of a different kind of bail-out was thwarted late last year. On October 29, 2008, a senior Unix enginner for Fannie Mae found a bomb supposedly planted by a contractor who had been fired a few days earlier. The “bomb” was a script set to activate on January 31, 2009, when it would wipe out all of Fannie Mae’s 4,000 servers.

Rajendrasinh Makwana, the fired contractor, pleaded not guilty today. Makwana was fired early on the afternoon of Oct. 24; an affidavit states he was fired for, two weeks earlier, erroneously writing instructions that changed server settings.

Then, before surrendering his Fannie Mae badge at the end of his last day, Makwana “intentionally and without authorization caused and attempted to cause damage to Fannie Mae’s computer network by entering malicious code”. According to the logs, Makwana worked on his script from around 2:30pm all the way to 4:30pm, returning his badge at 4:45pm.

According to an FBI affidavit, a Fannie Mae engineer discovered the malicious instructions by chance: “the malicious script was at the bottom of the legitimate script, separated by approximately one page of blank lines, apparently in an effort to hide the malicious script within the legitimate script”.

Anyone that logged into the Fannie Mae network on Jan. 31 would have seen a message “Server Graveyard”. ZD Net has copies of indictements and affidavits.

* * *

That’s one way of dealing with toxic assets. The other seems to be a 4-trillion-dollar “bad bank“. Not sure which one is more expensive.

Advertisements