When a former IT consultant knocked out a government system in Australia's Northern Territories, costing taxpayers $1.2m (Australian), he was drunk and upset that his fiancee had broken off their engagement. David Anthony McIntosh told a Northern Territories court he was trying to prove there were security vulnerabilities in the …
$1.2m seems like a lot.
I'd have done it for a tenner less.
Mac strikes the network again
When will people learn that Macs are not secure? We should all take an example from this and convert all Macs to food service use only.
$1.25m to restore a system. Fuck me!!!!
More details please.
Re: How much!!!!
I will fuck you for less than that!
Except I will probably fall fowl of extreme pron laws.
Reminder to self: never post late-ish on Friday night!
Us IT chaps are all shredded to pieces by this time of week.
If it was not so damn hot
I work in Oz. Sorry this Yank stops working at 45-48c
That's nearly 7000 GBP per head... for 5 days work!
Why don't el-reg offer these kind of jobs on their jobs pages ? ;-)
They spent AU$1.25m getting someone to run "tar -zxvf /backup/file.tar.gz"???
They did have a backup, didn't they?
No government organisation would run a major IT system without adequate backups, would they?
Where do I sign up to tender for installing a backup system for them? I'm sure I could do it for a shade under $1.2m, which could potentially save them millions in the future!!
The one thing I'm taking away from this story
is that booze gives you the ability to do the work of 130 men
He did prove that their system was insecure and apparently lacked a functional DR plan, so it's not like he was wrong in theory, just in execution.
In the tradition of viewing government IT as an unnecessary overhead, I'm guessing their requests for inconsequential equipment purchases (network appliances, vmware, tape drives, etc) were rejected and they were forced to manually re-create the accounts.
Believe me it happens. My own department decided that overly expensive backup software (about $1000) and it's annual maintenance was a luxury purchase and therefore rejected. The sound reasoning for this is our network appliance is capable of snap shotting about 3 months worth of data.
The fact we now have a $30,000 tape backup device gathering dust or the fact that we spent close to another $10,000 getting the wiring, air conditioning and backup power upgraded partly to accommodate this tape drive cut little ice with the department heads. After all spending a grand so we can actually use $40,000 dollars worth of purchasing is obviously frivolous.
The life span of construction jobs being decades also didn't deter their assumption that 3 months of partial backups was plenty.
So it wouldn't surprise me at all if this guy was operating in a similar environment and his drunken and astonishingly ill thought-out protest had something to do with showing them how vulnerable they were without the gear he wanted.
Meanwhile, if they'd had decent backups it would have taken 3 hours and $500. But of course they'll never admit that they were complete tossers for not having any sort of disaster recovery plan, and it's always easier to blame someone else.
I hope the folks responsible (ie: the managers who said backups were "too expensive", as they always do) were fired. Or at least caned. Or something.
Not even standard backups by the looks of it. How hard is it to copy /etc/passwd and backup your pdc?
One of the most expensive "I told you so's" ever.
Mind you, as the admin, I'm sure he could have done something to backup the accounts, even if it was to a dvd on his pc.
Crash and burn!
Retrains as chef???
If he gets pissed goes berserk in the kitchen he can do the sort of damage you can't restore from backup.
@No government organisation would run a major IT system without adequate backups, would they?
Yes, the Australian Government would.
This is the same government currently sending $1400 "recovery packages" to foreigners who came here once in 1963, stayed for about 5 minutes until they found out how fucking god-awful it si down here, then left.
I am assuming they are using the same 'database' or whatever the hell our fat-arsed wombats, er, politicians use down 'ere in gawds ern erf.
code of ethical hacking, anyone?
The guy is a moron who cost his government a ton of money for no good reason. He could have demonstrated the vulnerabilities without destroying data (using stolen credentials to boot). Jerk. I hope he enjoys his prison stay.
And the moral of the story is
don't get caught. He could have been recontracted to do the restore if they hadn't identified him as the perp. Mind you I don't think they'd have paid him 1.2M A$. Somebody walked away laughing here.
Won't somebody please think of the children!
"It took 130 experts, five days, and $1.25m "
I'm sorry, maybe I'm thick or something, I've read and re-read this and the comments and for the life of me I cannot, even using quantum mechanics (are there any other kind?) conceive how it COST $1.25m - even in Australian dollars - to recover.
Is there anyone here who can explain where the fuck this figure comes from? Is there another kind of math that I don't know about, maybe it's the same math that's used to calculate the value of drug hauls?
It's not a backup thing
If a thousand user accounts vanish you don't just restore a backup without finding out what happened, lots of possibilities need to be checked (at $7000 per man per day).
"It took 130 experts, five days, and $1.25m "
Don't forget the 65 managers (at 3 times the pay of the people doing the work) + the 32 senior managers (@ 10 x the pay) and the big boss who received a 1.2m bonus for the job.
Where did they even 130 people who can run a computer in the NT let alone experts?
Looks like he achieved his objective.
"David Anthony McIntosh told a Northern Territories court he was trying to prove there were security vulnerabilities in the government's IT system. "
So, on in May of 2008, one month after he resigned his position, he logged into government servers and deleted 10,475 user
Jumping to conclusions
Maybe I'm making the wrong connections, but...
His fiance had broken off their engagement.
He used the logon creds of a former workmate with whom he was living.
Surely it's not too much of a stretch to assume the former workmate and the fiance were one and the same sheila. In which case was he actually trying to lay the blame at the door of his fiance?
Aussies always have to go one up on us Poms.....
Now Ade's claiming that Aussie politicos are tighter & dumber than ours.
Sorry mate - once you've seen Harridan Harperson, Reichsfuhrer Schmidt, Wee Gordie, etc., you realise ours really are the ultimate pits.
Although you could have been in with a chance, if you hadn't sent us the gorgeous, pouting Patricia Hewitt...
Looking at the numbers in the wrong way.
The recovery exercise did not cost AU$1.25m, that was the final bill. In that bill is included the amount of time the 10,475 employees affected were not productive due to not being able to access their files/system. That's ~AU$100 per employee, which is roughly 1 hour of "productive time" per employee at standard *costing* levels (not *pay* levels, different kettle of fish). Plus actual recovery costs. Cheap, actually.
As for the delay, if the place in the NT is like the other Gov IT dept I worked for in Oz, then the backup almost immediately go to secure storage offsite. Depending on when the malarkey occurred, getting the backups out of offsite storage can take up to 24 hours.
Personally, I doubt the "5 days" line unless it happened during a long weekend.
Don't forget the nominal wages of 10,000+ government drones. From reading court documents, I believe this was factored in to the overall costs.
I also believe most of the drones were back on the system after a day or so, the other few days was to make sure that someone couldn't do the same thing to them twice.
"Australia's Northern Territories"
Tsk Tsk el Reg.
There is only ONE "Northern Territory" in Australia.
We gave Papua New Guinea it's independence back on September 16, 1975.
Rule # 1: No poofters!
I can only assume there wasn't a single computer literate Australian human not employed on this project.
I used to work in Australian IT and I don't think the number of experts was necessarily reduced when I left.
The cost wasn't just salaries of the restore workers
I'm sure they'll have figured in downtime losses, e.g. the biling department sent out $X invoices everyday, they were off-line for Y days, so we lose $XY cash flow. Or we have to pay the workforce for doing nothing for Y days. etc etc etc. It's the same financial model which makes a suitcase of pirate DVD's worth billions.
The 1.25mln figure must be..
Makes you wonder who pocketed the 1.2 mln in change.
Yup, Simon lives in New Zealand. Please resume normal reading of BOFH.
How many times
Have YOU been tempted to do just such a thing, but either hadn't drank quite enough, or had already drank too much to pull it off. There have been a number of times I have considered doing just such a thing or worse, but thought better of it.
And I would venture a guess that the co-worker he was staying with and his fiancee were not one in the same, which would explain why she was his ex....
And don't forget the forensics! You can't proceed with the restore until after you've completed the forensics. Unless you buy new kit, which of course they never do, and it would take days to get there anyway, if for no other reason than that they need the computer your fixing to process the paperwork for a new computer.