Search /
Advanced search  |  Help  |  Site map
Click for Layer 8! No, really, click NOW!
Networking for Small Business
While Heartbleed distracts, hackers hit US universities
How Apple's billion dollar sapphire bet will pay off
US to vote on sharp increase in broadband subsidies
iPhone 6 rumor rollup for the week ending April 18
NSA spying revelations have tired out China's Huawei
Arista co-founder may have switch maker by its jewels
Apple kicks off public OS X beta testing
Open source pitfalls – and how to avoid them
AT&T's expanded 1 Gbps fiber rollout could go head to head with Google
BlackBerry Releases BES 10 Security Update to Address 'Heartbleed' Flaw
Verizon: Web apps are the security punching bag of the Internet
Cisco announces security service linked with new operations centers
Dell launches virtual storage accelerator, aims to boost SAN performance
Free OS X Mavericks now powers half of all Macs
Even the most secure cloud storage may not be so secure, study finds  
3D printing will transform these five industries
Most but not all sites have fixed Heartbleed flaw
NEC launches face-recognition protection for PCs
Hundreds of medical professionals targeted in multi-state tax scam
Super-high frequencies could one day deliver your mobile video
Americans cool with lab-grown organs, but not designer babies
IT Departments Not Losing Ground to Managed Service Providers (Yet)
Where's my gigabit Internet, anyway?
IE6: Retired but not dead yet
Enterprise who? Google says little about Apps, business cloud services in Q1 report

Companies urged to report computer sabotage

Related linksToday's breaking news
Send to a friendFeedback

Convincing executives to open their companies up to scrutiny and potential public embarrassment is still the hardest part of setting up a legal case against corporate computer sabotage, according to the prosecuting attorney who has just won a precedent-setting decision.

"With the guilty verdict, the focus shifts from whether we're capable of doing it to whether victim companies are prepared for the battle," says V. Grady O'Malley, who successfully tried the first federal criminal prosecution of computer sabotage. "They don't want to admit they've been victimized, and if they do, they don't want to admit how serious the victimization is... Convincing them they're not going to be victimized all over again is a tough sell."

O'Malley has just nailed down a legal victory with the reinstatement of a guilty verdict against Tim Lloyd of Delaware, a network administrator who destroyed the network he built at Omega Engineering. Lloyd built and planted a software time bomb that went off on July 31, 1996, deleting and purging the 1,200 manufacturing programs that kept Omega up and running.

The Lloyd case is the tip of the iceberg. This past summer, a New Hampshire man pleaded guilty to twice breaking into and sabotaging his former employer's computer network after being terminated. In September, a former IS worker at a Florida-based national grocery distributor was found guilty in the U.S. District Court in Miami, on two federal counts of computer sabotage.

In another case that is getting ready to go to trial in Las Vegas, a network consultant is charged with sabotaging the computer network of one of his clients, Steinberg Diagnostic Medical Imaging. The consultant is charged with three counts of network intrusion for changing passwords in the network and locking company administrators out of their own system.

Both the FBI and the United States Secret Service report that cases of insider-based computer sabotage are on the rise.

"Definitely, the amount of these cases has been increasing," says Special Agent-in-Charge James Washington, of the Secret Service's Philadelphia field office, where members conducted the investigation that led to Lloyd's arrest and prosecution. "The figure I'm working with shows that 50% to 75% of these cases are contributable to disgruntled employees... It's indicative of a trend or vulnerability in private systems."

And that increase in cases means a growing number of companies will have to decide whether to turn to federal law enforcement agencies to report cases of sabotage. And despite the losses they may have suffered, it's not always an easy decision to make.

"What is a company prepared to do? How far will they go? Will they be on board next year or the year after?" asks O'Malley. "The discovery process in the federal system can be very discouraging for victims. The defense counsel can start requesting all sorts of information they don't want to give up. They may be putting themselves or their shareholders in a position where critical financial information is being disclosed... People will be interviewed. There will be a grand jury."

He adds: "You can think of a thousand reasons they might not be cooperative. But if a victim company says how long is this going to take and what's going to happen to this guy? We can tell them that there will be a day of reckoning for this guy, for doing this. You can count on that."

The Secret Service's Washington says the agency is focused on bringing that day of reckoning to anyone involved in computer sabotage. And he's glad to have the experience from this case under their belt.

"This case showed the importance of having two parallel types of investigations," says Washington. "While we, the investigators, were doing the traditional investigations, the technical forensic backtracking was being done at the same time. Those two investigative paths came together for us."

Washington adds that companies should contact the Secret Service in any instance of computer sabotage or fraud.

Related Links

Contact Feature Writer Sharon Gaudin

Other recent articles by Gaudin

Error 404--Not Found

Error 404--Not Found

From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:

10.4.5 404 Not Found

The server has not found anything matching the Request-URI. No indication is given of whether the condition is temporary or permanent.

If the server does not wish to make this information available to the client, the status code 403 (Forbidden) can be used instead. The 410 (Gone) status code SHOULD be used if the server knows, through some internally configurable mechanism, that an old resource is permanently unavailable and has no forwarding address.

NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!
New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE
Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.