A Texas man has been ordered to pay restitution of $16,600 and a $5,000 fine after admitting he breached the server of an engineering firm that fired him and deleted sensitive files. Ismael Alvarez of Andrews, Texas, was also sentenced to five years of probation and one year of home confinement. In December, federal prosecutors …
Too cheap to use an InterNet cafe?
How come these characters always seem to be dumb and/or cheap.
A quick visit to an InterNet cafe would have saved himself a lot of grief, especially if it was one popular with games players.
"he created a directory titled “RENEGAGE RULES.” Renegade is the name of a Gray Wireline competitor."
Is this correct? If so, it reads rather strangely.
Didn't he watch Hackers?
"Alvarez through the IP address used to access the Gray Wireline server. It corresponded to the account his used with his ISP." The title says it all, all he had to do was find an open WiFi connection somewhere and he would be untracable, maybe still a suspect, but no evidence to link him.
"FBI agents tracked down Alvarez through the IP address used to access the Gray Wireline server. It corresponded to the account his used with his ISP".
It's like they're not even trying anymore...
I are a l33t h4xx0r
I think perhaps 'breached' is a little over dramatic, if he was smart enough to break into the company systems without using a known username/password combo, I.E. exploiting a backdoor or other hacking technique then surely he'd have been smart enough to use a public or other unassociated IP address?
Sounds more like he had his fun because, quelle surprise, the company's security procedures are dreadful and their password security is lax.
Have none of these disgruntled ex-employees heard of tor?
Or similar IP masking tricks - then again the article didn't mention how he accessed the system - using his old login that should;ve been deleted would've been an obvious flag :)
You have to be able to trust people who have access to systems and the info they contain, so I think he got what he deserved.
Maybe if there are enough of these sorts of cases companies will realise that the biggest threat to their systems is the employee they've just pissed off, and take the appropriate precautions. Don't know if he broke in or just logged in using his old account: either way he shouldn't have been able to do it.
sacked for incompetance?
"During the breach, which happened a few weeks after Alvarez was fired, he created a directory titled “RENEGAGE RULES.” Renegade is the name of a Gray Wireline competitor."
If he was supposed to know anything about computers why the hell did he just leave evidence everywhere?
We need a computing version of the Darwin Awards.
"Alvarez [...] joins a long list of disgruntled employees who sought revenge by breaching their employees' computer systems."
And an equally long list of incompetent employers who are incapable of securing their systems against breaches by former employees.
If you're going to do that, you do it from your ex-boss's home wireless. Otherwise, as this guy now knows, its easy for them to track you.
Did they have a backup? (The article doesn't say.)
He's clearly not Internet savvy. Should have driven to the other side of town and used a free wifi connection, or gone to an Internet cafe, or used Tor. There are shed-loads of ways of hiding your IP, which is why normally IPs are not valid evidence. But in this case all the circumstantial evidence came together to form one BIG arrow that pointed to him.
Attacking a former employer from home, without even using a proxy. No wonder he got caught.
I'm sure he'll have plenty of time to reflect on what he should have done to avoid that while decorating his house with "Renegage Rules" scribbles.
Meanwhile, his former employer should have been a bit more diligent in changing its passwords.
Obviously highly skilled in IT, used his home IP address to do it from, the numpty.
Correction to the final paragraph.
Alvarez, who had worked for the company for more than seven years, joins a long list of stupid morons who sought revenge by breaching their employees' computer systems from their home computers without a thought to hiding their efforts
"an engineering firm that fired him and deleted sensitive files."
Well, if the engineering firm deleted the sensitive files, shouldn't they be charged?
What surprises me
Is a) that this doesn't happen more often (or is it that it just doesn't get talked about)
and b) that ex-employees with this level of IT knowhow aren't better at covering their tracks
"joins a long list of disgruntled employees who sought revenge by breaching their employees' computer systems."
'Incompetent' works in place of disgruntled, using his own login from his home IP, probably goes a long way to explaining why they fired him in the first place.
These people deserve the punishment they're getting, they're bringing it on themselves. If these idiots dont know how to use anonymous proxies, they deserve to get caught....
ID-10-T Error, for sure
"FBI agents tracked down Alvarez through the IP address used to access the Gray Wireline server. It corresponded to the account his used with his ISP."
Christ, at least go to Starbucks :/
that's one unpopular employer
"Alvarez, who had worked for the company for more than seven years, joins a long list of disgruntled employees who sought revenge by breaching their employees' computer systems."
(miss quotes are the best quotes)