A former systems administrator at Medco Health Solutions pleaded guilty in federal court Wednesday to writing and planting malicious code that could have crippled a network that maintains customer health care information.
Yung-Hsun Lin, of Montville, N.J., pleaded guilty in U.S. District Court in Newark, N.J. to the charge of transmitting code that would cause damage to a protected computer. The charge carries a maximum sentence of 10 years, but the plea deal sets a guideline of 30 to 37 months. The judge, who will levy the sentence on Jan. 8, is not bound to the guidelines.
"Had this gone off, the damage to Medco's reputation could have been catastrophic," Assistant U.S. Attorney Erez Liebermann told InformationWeek. "I look at this as one of the most significant [computer sabotage] cases because it could have done more than financial damage."
Lin admitted to creating and planting the malicious code, or logic bomb, on Medco's computer network because he feared he would lose his job in an expected round of layoffs. Another systems administrator at the company, however, foiled his plan when he discovered the logic bomb before it went off.
If it had been detonated, prosecutors say the code would have eliminated pharmacists' ability to know if a new prescription would dangerously interact with a patient's current prescriptions. They also say it would have caused widespread financial damages to the company. Even though it didn't go off, Medco reported that it cost them between $70,000 and $120,000 to clean up the problem.
No comments:
Post a Comment