Massachusetts Cop Forum banner
1 - 2 of 2 Posts

· MassCops Angel
121,617 Posts
Discussion Starter · #1 ·
SAN FRANCISCO -- A disgruntled city computer engineer has virtually commandeered San Francisco's new multimillion-dollar computer network, altering it to deny access to top administrators even as he sits in jail on $5 million bail, authorities said Monday.
Terry Childs, a 43-year-old computer network administrator who lives in Pittsburg, has been charged with four counts of computer tampering and is scheduled to be arraigned today.
Prosecutors say Childs, who works in the Department of Technology at a base salary of just over $126,000, tampered with the city's new FiberWAN (Wide Area Network), where records such as officials' e-mails, city payroll files, confidential law enforcement documents and jail inmates' bookings are stored.
Childs created a password that granted him exclusive access to the system, authorities said. He initially gave pass codes to police, but they didn't work. When pressed, Childs refused to divulge the real code even when threatened with arrest, they said.
He was taken into custody Sunday. City officials said late Monday that they had made some headway into cracking his pass codes and regaining access to the system.
Childs has worked for the city for about five years. One official with knowledge of the case said he had been disciplined on the job in recent months for poor performance and that his supervisors had tried to fire him.
"They weren't able to do it - this was kind of his insurance policy," said the official, speaking on condition of anonymity because the attempted firing was a personnel matter.
Authorities say Childs began tampering with the computer system June 20. The damage is still being assessed, but authorities say undoing his denial of access to other system administrators could cost millions of dollars.
Officials also said they feared that although Childs is in jail, he may have enabled a third party to access the system by telephone or other electronic device and order the destruction of hundreds of thousands of sensitive documents.
Authorities have searched Childs' home and car for a device that could be used in such an attack, but so far no such evidence has been found.
As part of his alleged sabotage, Childs engineered a tracing system to monitor what other administrators were saying and doing related to his personnel case, law enforcement officials said.
Childs became the target of suspicions inside the technology agency this year, and the case was referred for police investigation in late June, authorities say.
At a news conference announcing Childs' arrest, District Attorney Kamala Harris was tightlipped about what his motive may have been.
"Motive is not necessarily an element of a crime," Harris said. "This city employee committed four felonies."
She added, "This involves compromising a public system that we rely on. Its integrity has been compromised."
The system continues to operate even though administrators have limited or no access, officials said.
"Right now our system is up and running and we haven't had any problems so far," said Ron Vinson, chief administrative officer for the Department of Technology.
Vinson said the city is "working around the clock" to make sure the system is maintained and operable.
Nathan Ballard, a spokesman for Mayor Gavin Newsom, said the mayor was "confident that (the Department of Technology) is doing everything necessary to maintain the integrity of the city's computer networks."
Childs appeared in court Monday but did not have a lawyer assigned to him.
Childs, according to payroll records, earned $126,735 in base pay in 2007 and additional premium pay of $22,534, for a total of $149,269. Vinson said the extra money was apparently compensation for being on-call as a trouble-shooter.

· Subscribing Member
7,248 Posts
The purported takeover of the San Francisco government's new fiber optic network by an employee who locked out all the other administrators sounds extreme, but disgruntled or fired employees have always used computers to get a dose of revenge.
The city is STILL scrambling to regain control of the municipal network that handles everything from the mayor's e-mail to San Francisco's electronic court records, according to Ron Vinson, the deputy director of San Francisco's telecommunications and information services department.
Terry Childs, a city tech employee, allegedly modified the system so that only he had top level permissions. Childs was arrested Sunday and is being held on $5 million bail, after allegedly refusing to hand over the passwords.
"This is a great example of how powerful insiders can be," assuming the allegations are true, says security expert Adam Shostack, the author of the New School of Information Security. "Insiders do have a tremendous amount of power."
At the same time, such shenanigans are still rare, at least compared to how many network administrators are fired, or quit, without burning the system behind them, says Shostack. One thing's for certain: with no actual damage reported, the San Francisco incident pales next to other reported cyber-sabotage efforts.

  • In 2008, Danielle Duann, a former employee of the Life Gift Organ Donation Center in Houston, Texas, was indicted for computer hacking. Duann allegedly deleted database records used to match organs to needy patients after she was fired in November, 2005. The feds say the deletions caused more than $70,000 in damages, and had the potential to affect medical treatment.
  • In 2007, Lonnie Denison pleaded guilty to intentionally sabotaging a data control center in the California Independent System Operator Corporation, which the Feds described as an effort to bring down the Golden State's power grid. Denison, a contractor working at the CAL ISO, broke into a high security computer room and pushed an emergency electrical shut-off button for the computer room crashed computers that communicate with California's deregulated power market.
  • In October 2003, Andrew Garcia, a former employee of monitor maker Viewsonic, was sentenced to a year in prison for deleting critical server files that were necessary for Viewsonic's Taiwan office to do work.
  • In 2002, a former American Eagle Outfitters employee posted passwords and logins for the company's network on a hacker mailing list on Yahoo. He also included instructions on how to get into American Eagle's wide-area network. He put those instructions into use himself after Thanksgiving 2002, hoping to disrupt the company during the busy holiday season. For his trouble, Kenneth Patterson was sentenced to 18 months in prison.
  • A former network administrator for the Inglewood, California-based Airline Coach Service and Sky Limo Company attacked his former employee's network, deleting files and changing passwords. The hack crashed the company's dispatch system, causing thousands in losses. When his house was raided by the feds, they discovered a file folder labeled "retaliation." In 2003, Alan Giang Tran plead guilty to one count of hacking.
  • A disgruntled Australian engineer used a laptop and radio control equipment to dump hundreds of thousands of gallons of sewage into rivers and parks in Australia in 2000. The engineer was angry at being rejected for a job from the Maroochy Shire in Queensland, which contracted the company he worked for to make the sewage system.
  • Roger Duronio, a disgruntled former UBS PaineWebber employee was sentenced to 97 months in jail for planting a time-bomb program that destroyed files on thousands of computers inside the financial giant's computer network. Duronio planted the code before his February 22, 2002 resignation, which followed repeated complaints by Duronio about his salary and bonuses. The timer for the code went off on March 4, and Duronio shorted UBS's stock on the day of the time bomb, hoping to make a profit by having the rogue code drive down the company's stock price.
  • In 1996, a network administrator planted computer code that deleted the sophisticated production software of a high-tech measurement and control instruments company called Omega Engineering, causing $10 million in damages. Timothy Allen Lloyd designed the company's network, but was fired after 11 years on July 10, 1996. The time bomb went off 20 days later. After being convicted in 2000, Lloyd was eventually sentenced to 41 months imprisonment.
Despite the horror stories, at least one can be thankful that when someone in the IT department goes postal, they tend to take down the mail server, not pick up an assault rifle.
1 - 2 of 2 Posts
This is an older thread, you may not receive a response, and could be reviving an old thread. Please consider creating a new thread.