Gadgetell | Tech News, Reviews, and Interesting Things

The alleged takeover of the City by the Bay may sound totally rare, but, unfortunately, it has happened before that disgruntled employees take to modern technology as a means for revenge.

City tech employee Terry Childs, allegedly modified the city system so that he was the only one with top level clearances. The city is still in a tizzy trying to regain control of their new fiber optic municipal network that handles everything from the mayor’s email to electronic court records. Childs, who was arrested on Sunday, is still being held on $5 million bail, after allegedly refusing to hand over the passwords. He at first did supply some, but they turned out to be bogus.

It isn’t even clear why he did what he did, although it’s been said that in days leading up to his arrest, his behavior towards his colleagues was becoming erratic. A new security chief had been brought in to oversee the group’s security, and over the past few weeks some evidence of tampering had been found. It was escalated to the police, who in turn brought in their own forensics team to investigate their network.

Security expert Adam Shostack, the author of the New School of Information Security, says that assuming the allegations are true that “this is a great example of how powerful insiders can be. Insiders do have a tremendous amount of power.” He does concede however, that such ploys are still rare considering how many network admins are fired or quit without destroying the system behind them.

At least with no real tangible damage reported so far, this incident kind of pales next to past cyber-sabotage efforts through the years.

• In 2008, Danielle Duann, a former employee of the Life Gift Organ Donation Center in Houston, Texas, was indicted for computer hacking. Duann allegedly deleted database records used to match organs to needy patients after she was fired in November, 2005. The feds say the deletions caused more than $70,000 in damages, and had the potential to affect medical treatment.
• In 2007, Lonnie Denison pleaded guilty to intentionally sabotaging a data control center in the California Independent System Operator Corporation, which the Feds described as an effort to bring down the Golden State’s power grid. Denison, a contractor working at the CAL ISO, broke into a high security computer room and pushed an emergency electrical shut-off button for the computer room crashed computers that communicate with California’s deregulated power market.
• In October 2003, Andrew Garcia, a former employee of monitor maker Viewsonic, was sentenced to a year in prison for deleting critical server files that were necessary for Viewsonic’s Taiwan office to do work.
• In 2002, a former American Eagle Outfitters employee posted passwords and logins for the company’s network on a hacker mailing list on Yahoo. He also included instructions on how to get into American Eagle’s wide-area network. He put those instructions into use himself after Thanksgiving 2002, hoping to disrupt the company during the busy holiday season. For his trouble, Kenneth Patterson was sentenced to 18 months in prison.
• A former network administrator for the Inglewood, California-based Airline Coach Service and Sky Limo Company attacked his former employee’s network, deleting files and changing passwords. The hack crashed the company’s dispatch system, causing thousands in losses. When his house was raided by the feds, they discovered a file folder labeled “retaliation.” In 2003, Alan Giang Tran plead guilty to one count of hacking.
• A disgruntled Australian engineer used a laptop and radio control equipment to dump hundreds of thousands of gallons of sewage into rivers and parks in Australia in 2000. The engineer was angry at being rejected for a job from the Maroochy Shire in Queensland, which contracted the company he worked for to make the sewage system.
• Roger Duronio, a disgruntled former UBS PaineWebber employee was sentenced to 97 months in jail for planting a time-bomb program that destroyed files on thousands of computers inside the financial giant’s computer network. Duronio planted the code before his February 22, 2002 resignation, which followed repeated complaints by Duronio about his salary and bonuses. The timer for the code went off on March 4, and Duronio shorted UBS’s stock on the day of the time bomb, hoping to make a profit by having the rogue code drive down the company’s stock price.
• In 1996, a network administrator planted computer code that deleted the sophisticated production software of a high-tech measurement and control instruments company called Omega Engineering, causing $10 million in damages. Timothy Allen Lloyd designed the company’s network, but was fired after 11 years on July 10, 1996. The time bomb went off 20 days later. After being convicted in 2000, Lloyd was eventually sentenced to 41 months imprisonment.

Well, at least when most IT folks go postal…they do it with a computer, not a rifle.

Read [csonline]