News

Ex-TSA Employee Charged with Infecting Databases

A federal grand jury in Colorado has charged a former Transportation Security Administration data analyst with injecting malicious code into two TSA databases last year, about a week before his employment was about to end.

An indictment handed down March 10 alleges that Douglas James Duchak, 46, of Colorado Springs, Colo., intentionally tried to damage two protected computers in October 2009 at the Colorado Springs Operations Center, where he worked. The center handles data from the interagency Terrorist Screening Database (TSBD) and the U.S. Marshal Service's Warrant Information Network (WIN).

According to the indictment, Duchak was told on Oct. 15 that his employment would be terminated on Oct. 30. On Oct. 22, he allegedly inserted code into the WIN database in an attempt to cause damage to the host computer and the database. The next day, he did the same thing to TSBD, the indictment charges. The code reportedly was intended to activate at a later date, but was caught first by other employees. The indictment doesn't say what kind of damage the code would have caused.

Duchak pleaded not guilty in U.S. District Court in Denver on March 10, and was released on bail. In a report at Wired.com, Duchak's attorney said the servers Duchak is charged with infecting were parts of beta systems used for testing statistical analyses.

If convicted, Duchak faces up to 10 years in federal prison and a fine of up to $250,000 for each of the two counts.

The TSBD is handled by the FBI’s Terrorist Screening Center and used by multiple agencies. It contains a variety of watch lists, including the Homeland Security Department's no-fly list and the Justice Department's Interpol Terrorism Watch List.

This case was investigated by TSA's Office of Inspection, Homeland Security Department's Office of the Inspector General and the FBI.

About the Author

Kevin McCaney is the managing editor of Government Computer News.

Featured

  • Tamper Protection Now Available to Microsoft Defender ATP Subscribers

    The Microsoft Defender Advanced Threat Protection (ATP) E5 subscription plan now has an optional "tamper protection" security feature, Microsoft announced on Monday.

  • Exploring OCR, a New Way To Get Data into Excel

    Microsoft recently added a new optical character recognition feature to Excel that lets users import data from a photograph taken from a smartphone. Here's how to use it.

  • Microsoft Authenticator App To Get Real-Time Phishing Protections

    Microsoft is working on adding capabilities to its Microsoft Authenticator app to help defeat security breaches enabled by advanced attack techniques, including phishing and man-in-the-middle methods.

  • A Quicker Way To Create Hyper-V Inventory Reports

    If you need to generate Hyper-V inventory reports but don't want the hassle of writing your own custom PowerShell script, here is a shortcut.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.