Insider at Cal Water steals $9M and runs
On the night of April 27, 2009, hours after he had resigned from his job as an auditor at the California Water Services Company, Abdirahman Ismail Abdi used his still active electronic key card to get into the secured facilities where he used to work.
He then allegedly gained access to computers belonging to two senior executives in two separate buildings at the utility to initiate and confirm three wire transfers totaling more than $9 million, to an account in Qatar.
Early the next day, he put his wife and children on a flight to Frankfurt, Germany and then attempted to deposit a check made out to CWSC totaling more than $25,000, which he had apparently stolen, into his bank account in the U.S.
On May 1, with federal authorities hot on his tail, Abdi cancelled a reservation he had on a flight out of San Francisco to London, and then over the next few days somehow managed to flee to Canada where he remains at large. The money itself, however, has since been recovered.
The attempted theft, as described in court papers filed in the U.S. District Court for the Northern District of California, is the latest example to highlight why security analysts say insiders pose a bigger -- though often underestimated -- threat to corporate assets than external attackers.
Only earlier this month, Wilbur Fondren, deputy director for the U.S. Pacific Command (PACOM) Washington Liaison Office was charged with conspiracy for selling classified government information to a Chinese agent.
Fondren is alleged to have gotten at least some of the information from a classified government computer using his top secret clearances and access. Last August, Rene Rebollo, a former financial analyst at Countrywide Financial Corp., used his access to corporate databases to steal personal information about customers which he then sold to information brokers.
Most notoriously, last July, Terry Childs, a former network administrator for the City of San Francisco's allegedly locked access to a critical FiberWAN city network for days by resetting administrative passwords to its switches and routers, and then refusing to divulge the new passwords.
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
security
Powered by Twitter
Esther Schindler
If the comments are ugly, the code is ugly
claird
SVG a graphics format for 21st century
pasmith
Take Chrome OS for a test spin
Sandra Henry-Stocker
Solaris Tip: Have Your Files Changed Since Installation?
jfruh
Android fragments vs. the iPhone monolith
mikelgan
What Gizmodo missed about the Pro WX Wireless USB disk drive
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
