San Francisco IT Admin Locks Up City Network

This version of the story originally appeared in Computerworld's print edition. A network administrator late last week pleaded innocent to charges that he locked up a key city of San Francisco computer network and refused to disclose the passwords he set.

San Francisco District Attorney Kamala Harris' office charged that Terry Childs, 43, reset passwords to the switches and routers in the city's fiber WAN, rendering it inaccessible to administrators. He also "set up devices to gain unauthorized access to the system," it added.

Childs, a network administrator with the city's Department of Telecommunication Information Services (DTIS), was arrested July 13 and arraigned last Thursday in San Francisco Superior Court. He was ordered held on a $5 million bond until a hearing slated by Judge Paul Alvarado for July 23. Childs faces seven years in prison.

Terry Childs, charged with tampering with San Francisco's backbone network
Terry Childs

Late last week, the city still lacked the passwords needed to regain control of the network's Cisco Systems Inc. equipment. But the backbone network was operating normally, said Ron Vinson, DTIS chief administrative officer.

The WAN connects computers in buildings throughout the city and carries about 60% of the municipal government's traffic.

Vinson said he couldn't predict when the problem would be fixed. "We feel very confident that we will have full access," he said.

Vinson said the city is working with Cisco to repair the problem. If the hardware has been tampered with, replacement costs could easily reach $250,000, he added.

Harris said it's unknown why Childs allegedly tampered with the system. But a source familiar with the situation said the suspect's behavior had become erratic in the days leading up to his arrest.

San Francisco began rolling out the network about four years ago as a less-costly alternative to leased data lines. The city has so far spent more than $3 million on the system.

Vinson said the tampering was discovered several weeks ago during an assessment by a new security manager.

"It was a little unnerving to discover that this person had created this fiefdom of access to our network," Vinson said.

Andrew Storms, director of security operations at security vendor nCircle Network Security Inc., said the city's IT managers may have been able to prevent the incident.

"Some safety nets and best practices were probably overlooked if one person could have caused this much damage," he said.

McMillan writes for the IDG News Service.

Got something to add? Let us know in the article comments.

Copyright © 2008 IDG Communications, Inc.

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon