SANS Digital Forensics and Incident Response Blog: Tag - change control

Change Controls: Ur Doin It Rong

by Hal Pomeranz, Deer Run Associates

More details are emerging in the case of Rajendrasinh Makwana, a former consultant at Fannie Mae, who allegedly planted malicious code on Fannie Mae's servers after he had been terminated. If the code had not been detected, it apparently would have destroyed data on a large number of Fannie Mae's servers on January 31st.

There's been a great deal of hand-wringing over the fact that Makwana continued to have sufficient access after he was terminated to allow him to plant the malicious code. Well, let's review the facts as presented by FBI Agent Jessica Nye's affidavit:

"On October 24, 2008 between 1:00 and 1:30pm, MAKWANA was terminated as an employee of [Fannie Mae]... At