[Infowarrior] - TSA: Epic Fail (of infosec 101)

[Richard Forno]

Epic Fail!!   For years we advise clients that if you're going to fire  
someone who has access to sensitive systems you cut off their access  
*before* you fire them, and you escort them from the building.  So  
what did TSA do?   Gave this guy two weeks' notice and did nothing  
about his access to sensitive national security systems.

Theatrical Security Agency, anyone?

-rick


Former TSA analyst charged with computer tampering

He allegedly tried to tamper with databases that track possible  
terrorists
Robert McMillan (IDG News Service)
11 March, 2010 08:09

http://www.goodgearguide.com.au/article/339185/former_tsa_analyst_charged_computer_tampering/

A U.S. Transport Security Administration analyst has been indicted  
with tampering with databases used by the TSA to identify possible  
terrorists who may be trying to fly in the U.S.
Douglas James Duchak, 46, was indicted by a grand jury Wednesday with  
two counts of damaging protected computers. According to a federal  
indictment, Duchak tried to compromise computers at the TSA's Colorado  
Springs Operations Center (CSOC) on Oct. 22, 2009, seven days after  
he'd being given two weeks notice that he was being dismissed. He was  
also charged with tampering with a TSA server that contained data from  
the U.S. Marshal's Service Warrant Information Network.

He "knowingly transmitted code into the CSOC server that contained the  
Terrorist Screening Database, and thereby attempted intentionally to  
cause damage to the CSOC computer and database," prosecutors said  
Wednesday in a press release.

Duchak, who had been with the TSA for about five years at the time,  
was responsible for keeping TSA servers up-to-date with information  
received from the terrorist screening database and the United States  
Marshal's Service Warrant Information Network.

If convicted, Duchak faces 10 years in prison.

He was expected to make his initial appearance in federal court in  
Denver Wednesday.