A former IT consultant for a California oil and gas company has admitted he intentionally tampered with its computer systems after he was turned down for a permanent position there. Mario Azar of Upland, California pleaded guilty to one felony count of intentionally damaging a computer system used in interstate and foreign …

COMMENTS

House rules Send corrections

This topic is closed for new posts.

Friday 25th September 2009 02:42 GMT Tuomo Stauffer

Where do they find?

Where do they find and why this kind of people - definitely not a professional! Management error, yes, he is a bad apple but who and why selected him when there is, especially today, overflow in market for real professionals? Also, bad systems management - it's not difficult nor expensive to have systems where you manage everyone, even managers (specifically managers, they are often the weakest link and can cause even more problems - heh!)

0 0
Friday 25th September 2009 07:49 GMT Anonymous Coward

Bigger question: who controlled this?

It is always possible that you get a bad apple, but where was the control policy? What about decent exit processes? This isn't just a "bad apple", this appears to be a framework failure which should have been designed to catch this.

From someone who more or less started SCADA security (which was time full of *very* scary discoveries)..

0 0
Friday 25th September 2009 09:24 GMT Anonymous Coward

Toast

10 years minimum plus they should claim on his professional indemnity insurance...

0 0
Friday 25th September 2009 11:50 GMT Anonymous Coward

SCADA Systems Management

As having worked in the field, exit policy is just one fault with control of SCADA systems. Add to it a list of malicious vulnerabilities and lack of proper external access monitoring makes SCADA the weakest yet most important part of most large industrial processes.

On-site security is a joke at a lot of these installations, most networks have external access to critical systems and engineers are regularly let go with no proper consultation on resecuring the system.

It seems that it will take a major attack to help people wake up to the importance of keeping these systems safe. Recent research shows that current overloading at even small power grid stations would allow major parts of the US grid backbone to be brought offline in one foul swoop.

Fire sale indeed.

0 0
Friday 25th September 2009 14:40 GMT Anonymous Coward

Midget Oil Platforms

Hey, I wanna know where the midget oil platforms are? Why all the hyperbole and saying that he controlled GIANT oil platforms? Are there small and midget, sorry dwarf oil platforms?

0 0
Friday 25th September 2009 14:40 GMT Juillen 1

Costs..

It always comes back to people wearing suits deciding that IT is 'just another set of disposable people', and that everything happens by magic. If you buy Microsoft systems, you're secure, right? Says so in the brochure.. All sysadmins do is press buttons and things happen. Can't be hard, right? Not lke preparing powerpoint slides and presentations where you can actually see someone do something.

HR, having no clue whatsoever, puts keywords in ads, and if you've got the buzzwords down to pat, you get to interview. Unless you already have some really clued in people on the interview panels, you end up with whoever can most confidently throw the most buzzwords in the shortest time (I do interviewing where I work, and the amount of people who confidently spout complete garbage liberally sprinkled with buzzwords, and claim to be MVPs or experienced developers/admins etc. is frankly astonishing. Even when you pick them up on it, they just throw out a whole set of completely unrelated buzzwords).

What people just don't understand is, when you hire a sysadmin, or someone with administrative level access, you're handing them the keys to your company. Unlike almost anyone else outside the directors office, they have the ability, single handedly, to undermine the operations of the company for a significant time period (possibly permanently).

If people started hiring with that in mind, I think they'd be a lot more stringent in who they hired, and HR staff may end up having to get a clue.

0 0
Friday 25th September 2009 20:08 GMT Matthew Glubb

@Juilen

You are right. But it will never happen. Managment refuse to accept that a mere technician could have a similar or higher status to themselves. In Britain we call this the class system. I'm not sure what you'd call it in the rest of the world. Probably just plain snobbery.

0 0
Monday 28th September 2009 09:25 GMT Anonymous Coward

Management are disposable

Tech is not, and really it should be obvious by now, that you need to hire tech that manages.

Tech needs to up their game, and study business and economics, and just replace the current management. And of course some in management could up their tech skills as well. There is no place now for either just a tech or a management person, tech and business are too intertwined.

The days of the blinkered specialist are over, it is about being an expert generalist nowadays.

0 0
Wednesday 30th September 2009 03:28 GMT Anonymous Coward

And then

There are the consultants like myself that destroy all client-sensitive information in my possession at the end of each engagement only to discover on a subsequent visit that all my accounts are still there. Nobody bothered to delete them.......................................

0 0
Wednesday 30th September 2009 09:08 GMT Pete 8

S.C.A.D.A.

Skinny Contrived Aristicratic Dolly Automaton

0 0