Compliance Management, Critical Infrastructure Security

Former Boeing employee charged in data theft

Seattle police have charged a former Boeing employee with 16 counts of computer trespass for the alleged theft of 320,000 files, as well as leaking them to a Seattle-area daily newspaper.

According to the case study released this week, Gerald Eastman, a former quality-assurance inspector at Boeing, copied the confidential company documents to a portable drive from Sept. 24, 2004 to April 9, 2006, violating corporate policies. He stored the files on his home computer, police allege.

Boeing estimated that the potential financial damage if some of the documents fell into the wrong hands could range between $5 billion and $15 billion.

Eastman, to be arraigned July 17, could spend up to 57 months in prison if convicted on all counts. The case summary said articles using information credited to "internal Boeing documents" associated with Eastman appeared in The Seattle Times newspaper.

Eastman told the Seattle Post-Intelligencer that he's "a whistle blower." He said he was attempting to "get crimes at Boeing, and the people at the FAA facilitating those crimes, brought to justice."

The police report alleged that Edward claims he collected the information to prove that there were flaws with the inspection process of one of Boeing's new planes.

Seattle police said they discovered password-cracking tools on Eastman's computers.

 "Although the files Eastman took were not encrypted or password protected, Eastman had to exploit a weakness in Boeing's computer system to access them," according to the criminal complaint. It added that Eastman methodically searched Boeing systems for unprotected files and that he was routinely denied access to many of them.

This is the latest in a series of arrests of insiders. Last week, financial processing company Fidelity National Information Services revealed that a subsidiary's employee stole 2.3 million consumer records containing credit card, bank account and other personal information.

Many large companies simply fail to "verify what their [privileged] employees are doing," said Phil Neray, vice president of marketing at Guardium, a vendor of database-access monitoring products. "This was an employee with unfettered access to sensitive information as part of his job."

Had Boeing deployed automated activity-monitoring technology, Neray pointed out, "it would have immediately noticed that something that didn't fit inside of [Edwards'] normal patterns of activity was happening."

Traditional network-monitoring products don't uncover these kinds of malicious insider activity, said Michael Rothschild, senior director of product marketing at Orchestria, which develops policy-compliance software. Those products look at the [network] border rather than internal, and would have been blind to such insider actions, he added.

In December 2006, Boeing fired an employee for violating company policy by downloading personal information about 382,000 former and current Boeing employees onto a laptop without encrypting it. His laptop was subsequently stolen.

Boeing has "taken steps" to prevent similar breaches, such as the Edwards' theft, from occurring in the future, Tim Neale, a Boeing spokesman, told SCmagazine.com. "But we're not talking about them publicly."

 

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.