Update: IT admin locks up San Francisco's network
Staffer blocks access to admins, refuses to reveal passwords
IDG News Service - SAN FRANCISCO — A network administrator has allegedly locked up a multimillion-dollar computer system for the city of San Francisco that handles sensitive data, and he is refusing to give police the password.
Terry Childs, 43, was arrested Sunday and was charged with four counts of tampering with a computer network. According to the office of San Francisco District Attorney Kamala Harris, Childs made changes to the city's Fibre WAN (wide area network), allegedly rendering it inaccessible to administrators. He also "set up devices to gain unauthorized access to the system," the DA's office said in a statement.
The fiber WAN is used to connect computers in buildings throughout the city and carries about 60% of the networking traffic for the city government. On Tuesday it was functioning normally, but the city no longer has administrative access to the switches and routers on the network, according to Ron Vinson, chief administrative officer with the city's Department of Telecommunication Information Services. "It was a little unnerving to discover that this person had created this fiefdom of access to our network," he said.
"We continue to monitor the system to make sure that we do maintain the integrity of the network," he added. "The issue at hand is the access codes that we are trying to get our hands around."
Childs was arrested on Sunday at his home in Pittsburg, Calif., the DA's office said.
In the days leading up to his arrest, his behavior had become erratic and he had become hostile toward his colleagues, according to a source familiar with the situation. After his arrest, he first gave some bogus passwords to police and then refused to reveal the real passwords, the source said.
Childs is a network administrator with the city's telecommunication services office, which runs the city's critical IT operations, including the e-mail system, Web site, 311 call center and telecommunications infrastructure.
Childs remains in custody, Harris said in a Monday afternoon news conference. "The bail has been set at $5 million, and the exposure in this case if he were convicted on all counts would be seven years in prison," she said. He is set to be arraigned on Thursday.
Harris said it's unknown why Childs allegedly tampered with the system.
Vinson said his department recently hired a new security chief who oversaw an assessment of the group's security. Over the past few weeks that assessment discovered evidence of tampering. "It was escalated to the police department, who brought their own forensics team that came in to do their own investigation of our network," he said.
That investigation led to Childs' arrest, he said.