IT admin locks up San Francisco's network
A network administrator has allegedly locked up a multimillion-dollar computer system for the city of San Francisco that handles sensitive data, and he is refusing to give police the password
Terry Childs, 43, was arrested Sunday and has been charged with four counts of tampering with a computer network. According to the office of San Francisco District Attorney Kamala Harris, Childs made changes to the city's Fibre WAN (wide area network), allegedly rendering it inaccessible to administrators. He also "set up devices to gain unauthorized access to the system," the DA's office said in a statement.
The Fibre WAN is used to connect computers in buildings throughout the city and carries about 60 percent of the networking traffic for the city government. On Tuesday it was functioning normally, but the city no longer has administrative access to the switches and routers on the network, according to Ron Vinson, chief administrative officer with the city's Department of Telecommunication Information Services. "It was a little unnerving to discover that this person had created this fiefdom of access to our network," he said.
"We continue to monitor the system to make sure that we do maintain the integrity of the network," he added. "The issue at hand is the access codes that we are trying to get our hands around."
Childs was arrested on Sunday at his home in Pittsburg, California, the DA's office said.
In the days leading up to his arrest, his behavior had become erratic and he had become hostile toward his colleagues, according to a source familiar with the situation. After his arrest, he first gave some bogus passwords to police and then refused to reveal the real passwords, the source said.
Childs is a network administrator with the city's Department of Telecommunication Information Services, which runs the city's critical IT operations, including the e-mail system, Web site, 311 call center and telecommunications infrastructure.
Childs remains in custody, Harris said in a Monday afternoon news conference. "The bail has been set at [US]$5 million, and the exposure in this case if he were convicted on all counts would be seven years in prison," she said. He is set to be arraigned on Thursday.
Harris said it's unknown why Childs allegedly tampered with the system.
Vinson said his department recently hired a new security chief who oversaw an assessment of the group's security. Over the past few weeks that assessment discovered evidence of tampering. "It was escalated to the police department, who brought their own forensics team that came in to do their own investigation of our network," he said.
That investigation led to Childs' arrest, he said.
The city is now working with Cisco Systems to repair the problem, but if it has to replace the routers and switches that have been tampered with, it could easily face a $250,000 bill for the incident.
The situation doesn't reflect well on San Francisco's IT staff, said Andrew Storms, director of security operations with security vendor nCircle. "His managers should have known better," he said via instant message. "Some safety nets and best practices were probably overlooked if one person could have caused this much damage."
San Francisco began rolling out the Fibre WAN about four years ago as a less-costly alternative to leased data lines, Vinson said. To date the city has spent more than $3 million on the project.
With administrative access to switches and routers, could Childs now seize control of the city's network? "Not where he's sitting now," Vinson said.
IDG News Service
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
cybercrime
Powered by Twitter
jfruh
Apple syncing patent can't come soon enough
pasmith
New Twitter features borrow from 3rd party clients
Esther Schindler
Open Source Changes the Software Acquisition Process
mikelgan
How to set up continuous podcast play on the new iTunes
David Strom
Five important Windows 7 mobility features
sjvn
Guard your Wi-Fi for your own sake
Sandra Henry-Stocker
Grepping on Whole Words
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
I had a predecessor do this
I had a predecessor do this and if I'm not mistaken this false under the federal Cyber Terrorism Act that was defined prior to 9/11/2000. It would fall under the Patriot Act allowing far more reaching penalties and sentencing in light of shutting down a law enforcement agency, not to mention the rest of the city. This is a complete breech in ethics for anyone in IT, we are given the keys to the castle because we can be entrusted with them and the data contained there in or flowing across our network.I give props to this guy.
I give props to this guy. This guy is my hero. Keep rocking Terry Childs. WOOT!replica bags
I don't agree with what you say about fashion . Yes,fashion replica handbags guide the way that what peple should wear 、eat 、shopping and so on . But fashion replica bags isn't almighty , it will out-day as the time changes .