Q&A: A misconfigured laptop; a wrecked life
Victim of malicious software tells how it cost him his job, his friends, his livelihood and his peace of mind.
IDG News Service - When the Commonwealth of Massachusetts issued Michael Fiola a Dell Latitude in November 2006, it set off a chain of events that would cost him his job, his friends and about a year of his life, as he fought criminal charges that he had downloaded child pornography onto the laptop. Last week, prosecutors dropped their year-old case after a state investigation of his computer determined there was insufficient evidence to prove he had downloaded the files.
An initial state investigation had come to the opposite conclusion, and authorities took a second look at Fiola's case only after he hired a forensic investigator to look at his laptop. What she found was scary, given the gravity of the charges against him: The Microsoft SMS (Systems Management Server) software used to keep his laptop up to date was not functional. Neither was its antivirus protection. And the laptop was crawling with malicious programs that were most likely responsible for the files on his PC.
Fiola had been an investigator with the state's Department of Industrial Accidents, examining businesses to see whether they had workers' compensation plans. Over the past two days, however, he's become a spokesman for people who have had their lives ruined by malicious software. He now works as an insurance salesman in North Scituate, R.I.
Following is an edited transcript of a telephone interview he gave to the IDG News Service:
Why did you need a laptop at the Department of Industrial Accidents?
We had a laptop basically to do our reports instantaneously. If I went to a business and found that they were out of compliance, I would log on and type in a report so it could get back to the home office in Boston immediately. We also used it to research businesses.
Had you used a work laptop before?
Yes, this was a second-generation laptop. My [first] computer was stolen out of my vehicle outside of work in Boston in November 2006.
How long had you been using a laptop before this one was stolen in November?
About a year and a half.
Did you notice anything strange about this new laptop when you started using it?
Not at all. I'm not that computer-savvy of a person. I'm more of a hunt-and-peck type of guy. I can get in, I can do my e-mail. You tell me to do this form, I can do this form, and that's about it. I typically don't search the Internet, I typically don't go out and browse. I don't play any games. I don't go to chat rooms -- never have, never will. I was basically using it for my job.
When did you become aware that there was a problem?
When they fired me in March.
My boss called me into his office at 9 a.m. The director of the Department of Industrial Accidents, my immediate supervisor, and the personnel director were there. They handed me a letter and said, "You are being fired for a violation of the computer-usage policy. You have pornography on your computer. You're fired. Clean out your desk. Let's go."
They escorted me to my desk, they watched me clean my personal stuff out of my desk, they escorted me out of the building to my vehicle.
What was you reaction?
Shock. I said, "What are you people talking about? I don't understand?" And they wouldn't talk to me. They said, "We've been advised by our attorney not to talk to you." It felt like the blood drained right from my body. I never expected anything like this to happen.
How did this affect your life?
It was horrible. No paycheck. I lost all my benefits. I lost my insurance. My wife is very, very understanding. She took the bull by the horns and found an attorney. I was just paralyzed; I couldn't do anything. I can't describe the feeling to you. I wouldn't wish this on my worst enemy. It's just devastating.
If you get in a car accident and you kill somebody, people talk to you afterwards. All our friends abandoned us. The only family that stood by us was my dad, her parents, my stepdaughter and one other good friend of ours. And that was it. Nobody called. We spent many weekends at home just crying. I'm 53 years old, and I don't think I've cried as much in my whole life as I did in the past 18 months.
So what do you think happened?
It was either a rogue hack or after my computer was stolen, [the new computer] might have been loaded with the stuff, ready to go. I'm not accusing anybody, but if it was someone in the IT department who was doing this, [maybe he] never had a chance to take it off of there.
The criminal charges against you have been dropped. What about your job?
I will never go to work for them again. I would not work for a company that would not protect its employees. I feel they didn't protect me. The SMS was disabled on that computer.
Has this changed the way you use computers?
Yeah, it really has. I use a laptop now for work, but I do not go online until I go home. My days of surfing the Web are over, because I don't wish this on anybody.
- 18 Hot IT Certifications for 2014
- CIOs Opting for IT Contractors Over Hiring Full-Time Staff
- 12 Best Free iOS 7 Holiday Shopping Apps
- For CMOs Big Data Can Lead to Big Profits
- Slideshow: 5 ways to lock down your mobile device
- Slideshow: 10 mistakes companies make after a data breach
- How to rob a bank: A social engineering walk through
- Which smartphone is the most secure?
If you like your iPhone, you can keep your iPhone. Period.
President Obama has revealed that he's not permitted to carry an iPhone. It's too insecure for the job, he says. Instead, he's stuck with a BlackBerry. Well, someone's got to have one still. However, it turns out that the Pentagon has also outlawed non-BlackBerry smartphones. In IT Blogwatch, bloggers joke that 2006 called and they want their smartphones back.
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- Mitigating DDoS Attacks with F5 Technology
- This document examines various DDoS attack methods and the application of specific ADC technologies to block attacks in the DDoS threat spectrum while...
- The DDoS Threat Spectrum
- Bolstered by favorable economics, today's global botnets are using distributed denial-of-service (DDoS) attacks to target firewalls, web services, and applications, often simultaneously.
- Defending Against Denial of Service Attacks
- By utilizing end-user interviews, this whitepaper explores a deeper understanding of DDoS defense plans and reveals the knowledge gaps around the Denial of...
- Strategic Solutions for Government IT
- This paper outlines why F5 is the optimum partner to help achieve the levels of security, performance and availability that are vital to...
- Leveraging Managed Security Services to Fight Growing Cybersecurity Threats
- IT Infrastructure-as-a-Service enables agile responses to constantly changing threats. All Government IT White Papers
- Modernizing SAP environments with minimum risk - a path to Big Data Hear from top IDC analyst, Richard Villars, about the path you can start taking now to enable your organization to get the benefits...
- The Power of the Citrix Mobility Solution, XenMobile Does everything become a smartphone? Or does the smartphone begin to do everything? How can we afford to support BYOD? Rather, how can...
- BYOD Happens: How to Secure Mobility How to navigate the journey of securing mobility, including the BYOD corruption of IT, the top ten mobility strategies, and the mobility management...
- HR and Finance Were made for Each Other View now >>
- The Value of Human Capital for Finance Professionals View now >>
- All Government IT Webcasts
Does your organization offer extensive benefits, cool perks, competitive salaries, opportunities for training and advancement? Then get it recognized!
Nominate your company or another deserving organization for Computerworld's 2014 Best Places to Work in IT list now through Dec. 12, 2013.