Close but no cigar
Next time grab a prepaid credit card .
A Georgia IT administrator has pleaded guilty to crippling the computer system of a Japanese pharmaceutical company's US subsidiary several months after his employment there ended. Jason Cornish, 37, admitted using a public internet connection at a McDonald's restaurant in Smyrna, Georgia, to access the network of the Shionogi …
Next time grab a prepaid credit card .
in fact, using the restaurant at all seems like a foolish move... next step surely is to look at security camera footage!
First off, destroying a network of a former employer is a stupid idea, there is always evidence and once you get a felony your life is pretty much over. If you are going to do this, use a connection in another state and use cash the whole day while giving your credit card to a mate to use while you are out of town. Or the best option of not doing it in the first place.
As for the company, who leaves an account that can delete VMs just laying around and still working after several months? Also, why is this even possible from outside of the company, and from an untrusted network at that.
Icon because neither party knows how IT should be run.
seems to me they failed at basic security - stupidity on both sides. it's really akin to leaving the front door propped open with your 50" plasma screen.
The company should be held equally accountable - if they followed security 101 rules, this wouldn't have been possible.
They will still nail you fool. CCTV in the MacDonalds and your ex-boss ID'ing you on the tape should put you away nicely.
Hello Sonny you sseem to know quite a bit about leaving a trail of IT related grief behind when you get sacked! I think we need you to come down to the station to answer some questions.
"...it's really akin to leaving the front door propped open with your 50" plasma screen..."
Have you TRIED moving a 50" plasma screen? I've got one - they weigh about 50kg. Even with two of you, you don't just pick it up and run away with it.
But I agree with you in general.
In that case it will do a pretty good job stopping the front door from slamming.
>> First off, destroying a network of a former employer is a stupid idea, there is always evidence and once you get a felony your life is pretty much over. If you are going to do this, use a connection in another state and use cash the whole day while giving your credit card to a mate to use while you are out of town. <<
Given this some thought huh lol
Why delete when one can corrupt?
Just write a script to quietly tweak those figures in the accounting database for as long as the it takes for the backup to roll over, then short the stock via a Belgian number account in anticipation of pay-day coming around with no money in the bank (or the IRS coming round too).
Alternatively, If the guy already had a system account, it would be easy to cook up af VM with lots of warez on - running a nice business out from that, ex. employer gets raped by DMCA.
Lots of options.
Look, anyone who watches a show like CSI knows that using credit cards follows you around. How stupid can the guy get, McDonalds? Give me a break!
He should have at least used a public library or camped outside a Starbucks or something like that...
One way for companies to defend against this would be to part with their staff on better terms.
It costing 800k to restore 15 servers, though suggests a level of gross imcompetence. Besides having someone to blame, and still having the hardware, from a DR perspective, how is this any different from the DC catching Fire.
It doesn't state that it cost 800k to restore the servers. It says "In all, the attack cost the company $800,000" which would be the total cost of restoring the servers and loss of business/profits.
that kind of access sold to a rival might have netted him a little more than revenge.
Well done the cops for spotting Cornish's credit card use but what an idiot he is. No doubt that it was his general idiocy that got him fired.
Paris because she is much smarter and because she hasn't been around much lately.
... and then didn't. For many reasons, legal ones being but a small factor. Didn't want to have naked revenge on my conscience, though I did explain the chief financial numbnut who'd insisted on "talking to me" (over lunch together with some vague family relation of him who proceeded to insult my and my fellow countrymen, still don't know what he really wanted) just how close he'd been to goading me into costing his company a large sack of money. He didn't understand, of course.
Doing it wouldn't have cured the burnout, and not doing it didn't either. Six years later I'm still out of a job and by now entirely unemployable--after having propped up a 50-odd software house mostly single-handedly for a couple years. Letting your IT people run the shop through a permanent red haze ought to be just as criminal as the retalliations they sometimes just can't help themselves and refrain from.
"unable to ship product, to cut checks, or even to communications via email,”
Ain't grammar checking tools wonderful? :-)
Mind you, much closer than the predictive text on my phone....
"They later discovered Cornish had used his credit card at the restaurant a few minutes earlier."
These disgruntled former admins are the dumbest people on the planet. Who uses plastic at McDonalds anyway ?
I believe it is present in some of the burgers.
Oh - I see what you mean....
Pretty sure the wifi signal doesn't magically stop at the doors
Oh yes...now I remember...."Cash is King.." a shame this guy didn't remember that.
Fail on 2 levels. Fail on the perp for creating chaos and mayhem for his ex-coworkers just so he can feel better about getting sacked. Imagine one of your collegues gets canned, the next day you come into work and key systems are inaccessible, phone is ringing of the hook, panic rages throughout the floor. You know just from the tidbits of information you gleaned that a major meltdown has occurred and that this is going to be a week from hell. You already had backlogs and backlogs of work because your staff has been cut to the bone resulting in your coming into work when it was dark outside and leaving work when it was dark outside. And now this, caused by whats'isname?
Jason Cornish's life is over. I'm sure he's popular (for a few hours) with all the script kiddies in IRC and underground forums, they go for this kind of stuff. Ask them for a job Jason because no one else will want to hire you.
Once again another sod who has no business working as IT admin or the in this field at all. If you want recognition and appreciation IT is not for you. You get your paycheck. That's it. Period. Lose the rose-colored glasses and forget everything you were promised by the tech school adverts. You are and always will be viewed as an overpaid factory worker by management. You want recognition and appreciaton? Become a sales guy bringing in high volume accounts to your firm, you will be GREATLY appreciated. You'd have to lose the neckbeard though and wear clean shirts from now on.
Fail #2 on the company. Most firms I've worked at including this one cancel all system access prior to notifying you of your termination. SecurID, Email, everything. An engineer who worked with my staff called me in June around 9pm telling me that his email wasn't working. He contacted help desk which informed him that his account was terminated and couldn't answer any other questions. I checked my email and found notification that all systems passwords had changed and new passwords would be provided the following morning at a meeting. So basically yea he was canned.
Sad for both of us really since to me he was a valuable technical resource and was always professional in his demeanor (something rare in IT). I forwarded him a letter of recommendation and he has already found another job. But that's part of working in IT and being a professional. It's just a job, you take nothing personal, don't bring your work life home or your home life to work. I see lots of desks with pictures of wives/girlfriends/kids/pets etc. I have no personal effects whatsoever on my desk (only in my phone), there's only calendars, schedules, diagrams and other work-related documentation. It's part of my philosophy and acceptance that I am only here temporarily. The day my pink slip arrives there's no "cleaning out my desk". The only personal propery I have here are my 2 phone chargers, and they're spares anyway. They can keep'em.
multiple fails. Credit card, public place, no proxies. The guy obviously needed to be jailed to stop him procreating.
yep - he's ripe for a Robert Knepper style character in prison to walk over to him with their pocket hanging out saying "Walk with me"
fscked by SHA-1 collision? Not so fast, says Linus Torvalds