TSA targeted in alleged internal hack

A former TSA data analyst, Douglas James Duchak, has pleaded not guilty to federal charges that he twice intentionally uploaded malicious code into TSA databases.

According to a two-count indictment handed down March 9 by a Colorado grand jury, Duchak, 46, had been a five-year employee at a TSA Colorado Springs operations center. On Oct. 22 and then again on Oct. 23, Duchak allegedly uploaded malware onto TSA servers. Duchak had been given two weeks' notice that his employment would be terminated at the end of the month.

Duchak's duties included updating TSA servers with new information from the Terrorist Screening Database and U.S. Marshal's Service Warrant Information Network database, according to the indictment. The Colorado Springs center vets "individuals having access to sensitive information and secure areas of the nation's transportation network," the indictment states.

The indictment doesn't say how much damage Duchak might have caused to local servers holding those databases. The Denver Post reports that TSA technicians spotted the code and disabled it before any damage could occur.

Duchak made his first appearance in court March 10 in U.S. District Court in Denver where he pleaded not guilty and was released on a $25,000 bond. If convicted, he faces a maximum of 10 years in prison and a fine of $250,000 for each of the two counts for which the federal jury indicted him.  

Duchak's attorney, David Lindsey, told Wired that Duchak's work on a beta system used for testing statistical analysis only "remotely" related to passenger screening. The code was not a virus, Lindsey said.

Duchak was investigated by the TSA's office of inspection, the Homeland Security Department's inspector general and the FBI. This case is being prosecuted by Assistant U.S. Attorney Patricia Davies, who is the chief of the special prosecutions section.

For more on the case:
- check out the indictment (.pdf)
- this FBI press release
- this Wired story
- this Denver Post story