Had the malicious script designed to wipe Fannie Mae's 4,000 servers not been discovered, the company could have lost millions of dollars and a week's worth of up-time.
"On October 24, 2008, at 2:53 pm, a successful SSH (secure shell) login from IP address 172.17.38.29, with user ID s9urbm, assigned to Makwana, gained root access to dsysadmin01, the development server," the affidavit states. "...IP address 172.17.38.29 was last assigned to the computer named rs12h-Lap22, which was [a Fannie Mae] laptop assigned to Makwana...The laptop and Unix workstation where Makwana was able to gain root access and create the malicious script were located in his cubicle."
A script on development server dsysadmin01 should not have been able to "wipe" 2000 servers. This is b/s