Sysadmin admits stealing computers, office equipment from Navy

Most often when systems administrators abuse their access to corporate networks and systems, the end result is either data theft or network sabotage on a massive scale.

Not so in the case of Victor Papagno, a former systems administrator at the U.S. Department of the Navy's Naval Research Laboratory (NRL) in Washington D.C., who Wednesday pleaded guilty to using his position to embezzle 19,700 pieces of computer and electronic equipment from the Navy.

Papagno, 40, of Hughesville, Md., faces up to 10 years in prison and a fine of up to US$250,000 when he comes up for sentencing in the U.S. District Court for the District of Columbia on Dec. 22. But under the terms of a plea agreement, the government will recommend he serve between 12 and 18 months in prison for the theft.

Court documents filed in the case show that Papagno began working as a computer specialist with the NRL in 1989. He began taking home computers and other office equipment without permission in about 1997 and continued doing so until August 2007. During that time, Papagno stole more 100 desktop computers, nearly 7,000 pieces of computer storage media, over 80 computer monitors and hundreds of other items such as laptops, hard drives, peripherals, external storage devices, printers, power backups and software.

According to a source knowledgeable about the case, much of what Papagno took was old and obsolete equipment that would have been otherwise junked, although newer items were a part of the mix, too.

If all of the items had been new, the retail value of the equipment seized from Papagno's home would've been around $1.6 million, according to court documents. Under the plea agreement, however, the value of the stolen equipment was pegged at $120,000. Most of the property was apparently taken by Papagno for personal use, as well as for use by his family and friends, although a few items were either sold or traded. Most of the stolen items were recovered during a search of Papagno's home in August 2007 and carted away in a "large semi-trailer truck," according to a statement yesterday by the U.S. Attorney's office in Washington D.C.

Officials at the NRL did not immediately respond to a request for comment.

The dangers posed by malicious insiders has been a well documented issue. But it is rare for someone with privileged access to steal computer equipment on the scale Papagno admitted to yesterday. Typically, incidents involve either the theft of customer or other confidential and proprietary data or some form of network-related sabotage.

Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world

• Email
• Print
• Share
  • Slashdot
  • Digg
  • Stumble
  • Reddit
  • Newsvine