- Hello, Gorgeous! 15 of the greatest tech designs ever
- Best Buy calls Twitter a job qualification
- Cisco lays off hundreds in San Jose
- Eight real-life robots that could kill us all
- 10 gifts from Apollo
The unfolding cliffhanger in San Francisco this week – in which a city network administrator has been arrested for allegedly holding the network hostage – represents an extreme example of the insider threat that IT security vendors and others have been sounding the alarm about for years.
IT administrator pleads not guilty to network tampering | See courtroom images here.
City prosecutors and San Francisco Mayor Gavin Newsom were still seeking to resolve the crisis by having experts try to take back the city's compromised network from 43-year-old Terry Childs, who was arrested when he refused to relinquish network control.
There's worry that Childs, who has worked for the city for five years but faced firing for alleged poor performance, may have installed the means to electronically destroy sensitive documents. Childs, being held in a jail cell on $5 million bond, also happens to be a former felon convicted of aggravated robbery and burglary stemming from charges over two decades ago, which the city knew when it hired him as a city computer engineer.
He has pled not guilty to four counts of computer tampering, accused of creating a single password and denying any other administrator access to the city's network. His lawyer in the ongoing negotiations says Childs is "willing to cooperate."
"So far he's not willing to give the passwords out and we're still trying to regain access," says Ron Vinson, chief administrative officer for the city's Department of Technology, who says Childs was part of the team that designed the city's network that has taken shape over the past four years. He adds that city workers currently do have normal access to records.
The insider threat is typically described as including disgruntled and unscrupulous employees trying to gain access to information they shouldn’t, and sharing it for personal gain, espionage or revenge. Finding countermeasures now looms large in the plans of many companies—especially ones that have been hit. (Compare Data Leak Protection products.)
“A year ago we suffered some breaches,” says Steve Farrow, managing director for the U.K.-based operations of Pilz, the Ostfildern, Germany-based manufacturer of industrial safety machinery. “We suffered a physical break-in where someone stole hard disks in order to steal computer data, not taking the whole machine. They targeted intellectual property linked to development plans. It wasn’t encrypted.”
The Leader in Network Knowledge
Comments (40)
under-ratedBy Anonymous on September 11, 2008, 1:48 pmIt seems these companies aren't paying these guys enough for the responsibilities they have if they believe they have to steal to get ahead. It also seems these...
Reply | Read entire comment
Meh!By The Cheat on September 11, 2008, 12:29 pmMeh!
Reply | Read entire comment
How old was he in 1982?By Anon on July 23, 2008, 9:38 amHow old was he in 1982? Judging from his stupid, teenage mistakes, it sounds like he turned his life around and made a fine, upstanding citizen of himself.
Reply | Read entire comment
Judging from personalBy Anon on July 23, 2008, 9:23 amJudging from personal experience, the following article is the only one that made any sense to me at all: http://www.pcworld.com/businesscenter/article/148669-1/the_story_behind_san_franciscos_rogue_network_admin.html
Reply | Read entire comment
People who can't find the Caps Lock keyBy Anonymous on July 22, 2008, 12:14 pmAlways amuses me when loudmouths contribute to forums like this and can't even master normal capitalisation. And what, pray, is a 'looser'? or 'asteem'?
Reply | Read entire comment
View all comments