Terry Childs - A network engineer/admin with the City of San Francisco - has been jailed on $5 Million bail after being accused of hijacking the city’s network, affecting everything from law enforcement to payroll to email. So far, Mr. Childs has not released any information that would resolve the outages being experienced and his lawyer is screaming about the unusually-high bail that was set. It almost sounds like a bad movie but this is real and the guy is sitting in a jail cell in SF as we speak. Details are available here courtesy the San Francisco Chronicle.
A correctly managed network would have caught this long before it was a problem – auditing and flags for when accounts are locked that shouldn’t be, passwords changed that shouldn’t, etc. Your average company network is rarely managed that well and so it is easy to be caught with your pants down, especially by someone who knows where and how to do it.
Is it easy for any of us to do the same? Of course. Have we ever considered getting even with a boss or a company by locking a service account, reading the CEO’s mailbox or peering into the payroll files? Sure…we’re human. But the difference between good IT and bad IT, between the Terry Childs of the world and the rest of us is that we do not do it. We Never Take Advantage of Their Trust. For every guy like Terry Childs [if he’s guilty – I’m not saying that he is] there’s 10,000 IT guys who have the opportunity to snoop or wreak havoc and never execute it. It’s not that we can’t do it, it’s that we never do it. That’s something that the people who cross that line [and there are many examples] have forgotten.
0 comments:
Post a Comment