A US systems administrator has been sentenced to six months in prison for sabotaging his ex-employer's servers. Priyavrat H Patel, 42, of Berlin, Connecticut used to maintain four servers for screwdriver maker Pratt-Read Corp, until the company decided to move the machines. On 25 November 2007 Patel remotely accessed the four …
Well, when there's no Halon system to set off as you leave, what are you gonna do!
Perhaps Beer Googles need extending to all apps on the computers of redundant and sacked workers :-)
Serves the cnut right.
That said, Pratt-Read did indeed make a prat of themselves for not changling the passwords blah blah
On this tarriff, our beloved Simon and his PFY would still be in chokey when the sun eventually dies
Deserved to lose his job, the incompetent fool.
Seriously, if he's a sysadmin and he doesn't know how to do something like this without covering his tracks (or making it look like someone else did it), he can't have been any good at his job.
BOFH would never get caught out like that!
Everybody know, any sysadmin who is worth his/her salt would schedule a job to do his dirty work, preferably long after the logs of his remote access deleted / archived + delete the logs at the job run time. Heck, while at it one would su/sudo to the new sys admins profile to do his/her dirty deeds.
sheesh, sysadmins these days !
6 months in chokey for (maliciously?) disabling a company's email and database servers? You'd get less than that for an *actual* crime, like theft or robbery. So the company was unable to email love letters and jokes to each other for a few days - if you use Exchange, that happens regularly anyway.
I wonder if there will ever be some harmony in the length and type of sentences IT related crimes get compared to other crimes?
Possibly someone set up an admin account and didn't tell management.
If he had a spare admin account, he could access anything even after his official account was suspended.
Of course, if he went to that much trouble he should have thought about accessing the system via one of the many unsecured or weakly secured wireless networks which abound. In my building there are four wireless nets, two secured with variations of WPA, one 'secured' with WEP, and one secured with nothing at all... and that one, to my certain knowledge, has at least a half dozen machines running WinXP SP2 which have the default admin password (that is, no password...) and which have file sharing turned on.(One has the entire C: drive shared...) It's pathetically easy to find unsecured or weakly secured networks; thirty minutes war driving and m'man would have made it difficult for anyone to have traced him.
The youth of today. No common sense. None.
It's not that easy.....
to get away with this sort of thing, if you really think about it. I'd just release the server details annomously into the friendly computer security community and let them rip the systems to pieces as they scrap over the tasty new resources.
Wot, No Ethics?
Interesting that no-one has commented on the essential justice of the sentence.
It seems there IS a need for ethics training. I always thought it was gilding the lily for this level of employee.
as another poster said, set up a cron job to call /usr/lib/clusterfuck.sh, containing "if ! grep Tyler /home/beancounter/payroll.xml; then rm -rf /*/lib; sleep 10000; rm -rf /var; init 6; fi" to run every other month.
As for why such a long sentence - because the judge and the managers know that their whole infrastructure hinges on IT, and anyone who dares (and knows how to) mess with it is way more dangerous than an ordinary criminal.
More fools us, if we let them treat us like dirt.
"We fetch your mail, we route your packets, we guard you while you surf. DON'T FUCK WITH US."
no lurve from the Man
- last line... this as much an 'Inconvenient Truth' as global warming
Look at IT before /after:
Before = arcane, historical, complex, limited, supports business (peripherally)
After - arcade* (game), hysterical, 'beige and uses electricity*', unlimited, supports business (totally)
*as in perception by management...
Re: totally supporting business - this equates to critical importance ... pity that recognition/reward/respect is perversely inversely proportional to the importance...
Don't try this at home
I agree sentences for IT crimes seem greater than equivalent normal crimes.
The quality of some comments above ("He rubbush! I would never get caught! Do it like this... so easy... I ROCK!") show why this sort of thing happens. Let's say an admin is disgruntled and decides to sabbotage the system. The first mistake these guys make is to think they are cleverer than their boss/the police/other admins/everybody else. They aren't. I would say it is all but impossible not to leave tracks. So the sabateur always thinks he has done it all anonymously. A few "su" commands, and a bit of log editing, whatever. He is all caught up with thinking what an expert he is.
What happens ? The data phorensics boys are on the case and they have the guy in custody within 24 hours. QED dude.
The Prat's had his rights Read to him
Worse, he did it drunk. I'd say 12 hours for the phorensics boys.
- Nokia: Read our Maps, Samsung – we're HERE for the Gear
- Ofcom will not probe lesbian lizard snog in new Dr Who series
- Kaspersky backpedals on 'done nothing wrong, nothing to fear' blather
- Episode 9 BOFH: The current value of our IT ASSets? Minus eleventy-seven...
- Too slow with that iPhone refresh, Apple: Android is GOBBLING up US mobile market