lost productivity costs estimated at $200,000
..."lost productivity costs estimated at $200,000" so they missed out on selling half a dozen handbags and a pair of shoes, then?
A fired network engineer has been charged with mounting a revenge hack attack against the American branch of Gucci. Sam Chihlung Yin, 34, of Jersey City, New Jersey, allegedly wreaked havoc on the network of the US branch of the Italian luxury good retailer around six months after he was dismissed by Gucci in May 2010. The …
Flippancy aside, the damages in these cases are generally overstated, as it makes the crime seem worse than it actually is and can push it up the sliding scale of punishments. That can be used as a lever to get an early guilty plea and/or help strike a deal with prosecutors to save them time & effort.
Real BOFHs never get caught. Never EVER. Bwahahahah
Besides, doing such large-scale damage without covering up tracks that lead back to the perpetrator (using a proxy when connecting to a VPN to connect to another VPN to connect to another VPN, deleting the account that's been used for the break-in, deleting logs etc.) seems to point to the fact that he was actually a loser, not a BOFH :P
One month, an ENTIRE FUCKING MONTH, after he left he managed to get staff to re-enable a VPN account. Probably by asking nicely*. Then 5 months later used it to apparently take down the network... That's some pretty hefty hacking going on there.
*I don't believe for a second that they had anything more secure than username/password and a pre-shared key given the level of security surrounding their users.
On the other hand, it is not unusual for ex-system managers to get called up for information after their job ends. Maybe this might happen even when sacked? And while giving instructions about one thing, he might have included something else of his own choosing.
I admit that this is all from the wildly speculative department. Yes, that is my coat.
We (as IT professionals) should have some sort of professional standards body. The numpties that allowed this to happen should be getting struck off.
You don't let a surgeon who hacks up people keep operating, so why should negligent administrators get away with it?
One of our sysadmins left a couple of months ago, and a few weeks ago I got a commit email with his name on it. It wasn't malicious; his credentials were cached on disk and another admin did it, but he was still enabled in the directory.
Turned out so much was keyed against his credentials, that when they disabled it, Bad Things happened, and so they re-enabled it...
AC, obviously..
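The situation in the comment above (a leaver still enabled in the directory, with automation and cached credentials keyed to his account) is the kind of thing an offboarding reconciliation catches before it turns into a surprise. The following is an added example, not code from the thread or from any product: it compares a constructed HR leavers feed against a constructed directory export, flags leavers whose account is still enabled, notes whether the account has been used since they left, and lists the config lines that reference that username so the account can be disabled in a planned way. All usernames, dates and file paths are constructed placeholders.

```python
"""Offboarding reconciliation (added example; all data below is constructed).

Flags leavers whose directory account is still enabled, reports how long
since they left and whether the account has been used since, and lists the
automation (cron jobs, service configs) that is keyed to that username.
"""
import re
from dataclasses import dataclass
from datetime import date


@dataclass
class Account:
    username: str
    enabled: bool
    last_used: date


# Constructed HR feed: username -> last working day
HR_LEAVERS = {
    "jdoe": date(2011, 1, 14),
    "asmith": date(2010, 11, 30),
}

# Constructed directory export
DIRECTORY = [
    Account("jdoe", enabled=True, last_used=date(2011, 3, 2)),
    Account("asmith", enabled=False, last_used=date(2010, 11, 29)),
    Account("bjones", enabled=True, last_used=date(2011, 3, 5)),
]

# Constructed lines from cron and service configs that name a run-as user
CONFIG_LINES = [
    "/etc/cron.d/backup: 0 2 * * * jdoe /opt/backup/run.sh",
    "/etc/deploy.conf: commit_user=jdoe",
    "/etc/cron.d/report: 0 6 * * * svc_report /opt/report/run.sh",
]

# Constructed date on which the report is run
REPORT_DATE = date(2011, 4, 1)


def dependencies_for(username, config_lines):
    """Return the config lines that reference `username` as a whole word."""
    pattern = re.compile(r"\b" + re.escape(username) + r"\b")
    return [line for line in config_lines if pattern.search(line)]


def find_stale_leavers(leavers, directory, config_lines, today):
    """One finding per leaver whose account is still enabled."""
    findings = []
    by_name = {acct.username: acct for acct in directory}
    for username, left_on in sorted(leavers.items()):
        acct = by_name.get(username)
        if acct is None or not acct.enabled:
            continue  # no account, or already disabled: nothing to do
        findings.append({
            "username": username,
            "days_since_leaving": (today - left_on).days,
            # usage after the leaving date is what needs investigating
            "used_after_leaving": acct.last_used > left_on,
            # disable these dependencies deliberately, not by accident
            "dependencies": dependencies_for(username, config_lines),
        })
    return findings


if __name__ == "__main__":
    for finding in find_stale_leavers(HR_LEAVERS, DIRECTORY, CONFIG_LINES, REPORT_DATE):
        print(finding)
```

With the constructed data, `jdoe` is reported: enabled 77 days after leaving, used after the leaving date, and referenced by two config lines that would break if the account were simply switched off, which is exactly the "Bad Things happened" failure the comment describes.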
... how nobody hears Mr. Sam Chihlung Yin's side of the story. So the mega-rich Gucci luxury products corporation goes out freely?
Why did they fire Mr. Yin in the first place?
Why does the mega-rich luxury products corporation handle its IT/Human Resources follow-up so carelessly (and get away with it)?
Sorry, but after the shit from multi-mega-bank-corps last year (and all the shit that followed after it) ruining my own professional life, I'm really paranoid about who's the good or bad guy here.
Need more info before casting judgement.
If you were wrongfully dismissed you have many legal avenues to pursue them, and admittedly much more profitable in the end too. If they dismissed you for the right reasons then you're a friggin' idiot and angry at the wrong person(s).
Getting canned from your job, rightly or wrongly, does not give you the right to go back into the network and maliciously disrupt their business. Regardless as to whether you have correctly labeled them a bunch of bottom feeders who, at best, resemble the filth stuck to the rim of a heavily used public toilet.
This just goes to show that you should never allow any single person root access to anything. Not router, switch, server, backup systems, etc. etc.
No-one's day-to-day ID should have elevated access, any elevated access should be obtained via permissions added to a second ID. If anyone _really_ needs to have root, the password should be checked out of a secure database in two fragments delivered by separate people and then reset upon completion.
This way, even if you do forget to disable someone's account, they can't do anything with it.
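The design in the comment above has two parts: elevated access only through a separate admin ID, and a shared root password held as two fragments by two people, checked out for a task and reset afterwards. The following is an added example, not code from the thread or from any real vault product, showing one way to model that. The password is XOR-split so that neither fragment alone reveals any of it; the vault keeps only a digest of the current password, refuses checkouts from a day-to-day ID (here modelled by an assumed `-adm` suffix on admin IDs), and rotates the password when the work is marked complete so the checked-out value is dead. Host and user names are constructed placeholders.

```python
"""Split-knowledge checkout of a shared root password with reset after use.

Added example; not from the thread or any product. The `-adm` suffix that
marks an admin ID, and the host and custodian names, are assumptions.
"""
import hashlib
import hmac
import secrets
from datetime import datetime, timezone

ADMIN_ID_SUFFIX = "-adm"  # assumed convention: elevated access only via a second ID


def split_secret(secret: bytes):
    """XOR split: fragment A is random, fragment B = secret XOR A.
    Either fragment on its own is indistinguishable from random bytes."""
    a = secrets.token_bytes(len(secret))
    b = bytes(x ^ y for x, y in zip(secret, a))
    return a, b


def combine_fragments(a: bytes, b: bytes) -> bytes:
    """Recover the secret from both fragments."""
    if len(a) != len(b):
        raise ValueError("fragment length mismatch")
    return bytes(x ^ y for x, y in zip(a, b))


class RootPasswordVault:
    """Tracks one host's root password without ever storing it.

    The vault holds a digest of the current password and an audit log.
    The fragments are handed to two custodians and are not retained."""

    def __init__(self, host: str):
        self.host = host
        self.generation = 0
        self.audit_log = []
        self._digest = b""
        self._checked_out_by = None

    def _log(self, event, who, result):
        self.audit_log.append({
            "time": datetime.now(timezone.utc).isoformat(),
            "host": self.host, "event": event, "who": who,
            "result": result, "generation": self.generation,
        })

    def issue(self):
        """Generate a new root password (to be set on the host out of band),
        split it, and return the two fragments for separate delivery."""
        password = secrets.token_urlsafe(24).encode()
        self._digest = hashlib.sha256(password).digest()
        self.generation += 1
        self._checked_out_by = None
        self._log("issue", None, "ok")
        return split_secret(password)

    def checkout(self, requester: str, fragment_a: bytes, fragment_b: bytes) -> bytes:
        """Both fragments must reconstruct the current password, and the
        requester must be an admin ID, not a day-to-day ID."""
        if not requester.endswith(ADMIN_ID_SUFFIX):
            self._log("checkout", requester, "rejected: not an admin ID")
            raise PermissionError("elevated access requires a separate admin ID")
        candidate = combine_fragments(fragment_a, fragment_b)
        if not hmac.compare_digest(hashlib.sha256(candidate).digest(), self._digest):
            self._log("checkout", requester, "rejected: stale or wrong fragments")
            raise PermissionError("fragments do not reconstruct the current password")
        if self._checked_out_by is not None:
            self._log("checkout", requester, "rejected: already checked out")
            raise RuntimeError(f"already checked out by {self._checked_out_by}")
        self._checked_out_by = requester
        self._log("checkout", requester, "ok")
        return candidate

    def complete(self, requester: str):
        """Task finished: rotate, so the value that was handed out is dead."""
        if self._checked_out_by != requester:
            raise PermissionError("no checkout held by this requester")
        self._log("complete", requester, "ok")
        return self.issue()


if __name__ == "__main__":
    vault = RootPasswordVault("db01.example.internal")  # constructed host
    frag_a, frag_b = vault.issue()               # one to each custodian
    root_pw = vault.checkout("alice-adm", frag_a, frag_b)
    new_a, new_b = vault.complete("alice-adm")   # old fragments now useless
    for entry in vault.audit_log:
        print(entry)
```

Because the vault never holds the password or the fragments, a leftover directory account gives an ex-employee nothing by itself: a checkout needs both custodians, an admin ID, and fragments from the current generation, and every attempt lands in the audit log.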