Search /
Advanced search  |  Help  |  Site map
Click for Layer 8! No, really, click NOW!
Networking for Small Business
Where's my gigabit Internet, anyway?
Americans cool with lab-grown organs, but not designer babies
IE6: Retired but not dead yet
Enterprise who? Google says little about Apps, business cloud services in Q1 report
DDoS Attackers Change Techniques To Wallop Sites
Can we talk? Internet of Things vendors face a communications 'mess'
AMD's profitability streak ends at two quarters
Michaels says breach at its stores affected nearly 3M payment cards
Exclusive: Google's Project Loon tests move to LTE band in Nevada
H-1B loophole may help California utility offshore IT jobs
How a cyber cop patrols the underworld of e-commerce
For Red Hat, it's RHEL and then…?
Will the Internet of Things Become the Internet of Broken Things?
Kill switches coming to iPhone, Android, Windows devices in 2015
Israeli start-up, working with GE, out to detect Stuxnet-like attacks
Galaxy S5 deep-dive review: Long on hype, short on delivery
Google revenue jumps 19 percent but still disappoints
Windows XP's retirement turns into major security project for Chinese firm
Teen arrested in Heartbleed attack against Canadian tax site
Still deploying 11n Wi-Fi?  You might want to think again
Collaboration 2.0: Old meets new
9 Things You Need to Know Before You Store Data in the Cloud
Can Heartbleed be used in DDoS attacks?
Secure browsers offer alternatives to Chrome, IE and Firefox
Linksys WRT1900AC Wi-Fi router: Faster than anything we've tested

Companies urged to report computer sabotage

Related linksToday's breaking news
Send to a friendFeedback

Convincing executives to open their companies up to scrutiny and potential public embarrassment is still the hardest part of setting up a legal case against corporate computer sabotage, according to the prosecuting attorney who has just won a precedent-setting decision.

"With the guilty verdict, the focus shifts from whether we're capable of doing it to whether victim companies are prepared for the battle," says V. Grady O'Malley, who successfully tried the first federal criminal prosecution of computer sabotage. "They don't want to admit they've been victimized, and if they do, they don't want to admit how serious the victimization is... Convincing them they're not going to be victimized all over again is a tough sell."

O'Malley has just nailed down a legal victory with the reinstatement of a guilty verdict against Tim Lloyd of Delaware, a network administrator who destroyed the network he built at Omega Engineering. Lloyd built and planted a software time bomb that went off on July 31, 1996, deleting and purging the 1,200 manufacturing programs that kept Omega up and running.

The Lloyd case is the tip of the iceberg. This past summer, a New Hampshire man pleaded guilty to twice breaking into and sabotaging his former employer's computer network after being terminated. In September, a former IS worker at a Florida-based national grocery distributor was found guilty in the U.S. District Court in Miami, on two federal counts of computer sabotage.

In another case that is getting ready to go to trial in Las Vegas, a network consultant is charged with sabotaging the computer network of one of his clients, Steinberg Diagnostic Medical Imaging. The consultant is charged with three counts of network intrusion for changing passwords in the network and locking company administrators out of their own system.

Both the FBI and the United States Secret Service report that cases of insider-based computer sabotage are on the rise.

"Definitely, the amount of these cases has been increasing," says Special Agent-in-Charge James Washington, of the Secret Service's Philadelphia field office, where members conducted the investigation that led to Lloyd's arrest and prosecution. "The figure I'm working with shows that 50% to 75% of these cases are contributable to disgruntled employees... It's indicative of a trend or vulnerability in private systems."

And that increase in cases means a growing number of companies will have to decide whether to turn to federal law enforcement agencies to report cases of sabotage. And despite the losses they may have suffered, it's not always an easy decision to make.

"What is a company prepared to do? How far will they go? Will they be on board next year or the year after?" asks O'Malley. "The discovery process in the federal system can be very discouraging for victims. The defense counsel can start requesting all sorts of information they don't want to give up. They may be putting themselves or their shareholders in a position where critical financial information is being disclosed... People will be interviewed. There will be a grand jury."

He adds: "You can think of a thousand reasons they might not be cooperative. But if a victim company says how long is this going to take and what's going to happen to this guy? We can tell them that there will be a day of reckoning for this guy, for doing this. You can count on that."

The Secret Service's Washington says the agency is focused on bringing that day of reckoning to anyone involved in computer sabotage. And he's glad to have the experience from this case under their belt.

"This case showed the importance of having two parallel types of investigations," says Washington. "While we, the investigators, were doing the traditional investigations, the technical forensic backtracking was being done at the same time. Those two investigative paths came together for us."

Washington adds that companies should contact the Secret Service in any instance of computer sabotage or fraud.

Related Links

Contact Feature Writer Sharon Gaudin

Other recent articles by Gaudin

Error 404--Not Found

Error 404--Not Found

From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:

10.4.5 404 Not Found

The server has not found anything matching the Request-URI. No indication is given of whether the condition is temporary or permanent.

If the server does not wish to make this information available to the client, the status code 403 (Forbidden) can be used instead. The 410 (Gone) status code SHOULD be used if the server knows, through some internally configurable mechanism, that an old resource is permanently unavailable and has no forwarding address.

NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!
New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE
Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.