San Francisco’s network held hostage by network admin

Filed under Hacking

This is just a classic case of one administrator who managed to get all the “keys to the kingdom”. From the San Francisco Chronicle:

“Terry Childs, a 43-year-old computer network administrator who lives in Pittsburg, has been charged with four counts of computer tampering and is scheduled to be arraigned today.

Prosecutors say Childs, who works in the Department of Technology at a base salary of just over $126,000, tampered with the city’s new FiberWAN (Wide Area Network), where records such as officials’ e-mails, city payroll files, confidential law enforcement documents and jail inmates’ bookings are stored.

Childs created a password that granted him exclusive access to the system, authorities said. He initially gave pass codes to police, but they didn’t work. When pressed, Childs refused to divulge the real code even when threatened with arrest, they said.”

As part of his plan he also:

“…engineered a tracing system to monitor what other administrators were saying and doing related to his personnel case, law enforcement officials said. “

As of right now all other administrators are locked out of the system and he has the only password! I also saw on CNN today that he still won’t give up the password when a judge asked him in court today. Awesome…so how does this happen? While exact details still are not clear…lack of proper controls, proper monitoring of privileged users, oversight, separation of duties…are just a few things that comes to mind.

This should be a reminder for the corporate world that all privileged users (network administrators in this case) should be held to a higher standard then other users on the network. Thus, need more oversight and monitoring. Hopefully the city can get the password cracked or the guy eventually gives it up.

Post a Comment

Your email is never published nor shared. Required fields are marked *