SF's Rogue IT Admin Facing 4 Felonies
Accused system administrator was claiming intellectual property rights over city's network configuration.
Terry Childs, the rogue system administrator for San Francisco who locked officials out of the city's fiber-optic wide area network (WAN) this year, is facing four felony charges in the case.
San Francisco District Attorney Kamala D. Harris announced Friday that Childs, 43, will be arraigned in San Francisco Superior Court on January 13. He is accused of tampering with the city and county of San Francisco's network system in such a way as to deny other authorized administrators access to the network, and to set up devices to gain unauthorized access to the system.
The DA's office said Childs is facing four felony charges for causing losses in excess of $200,000 as a result of the alleged computer network tampering.
The Terry Childs case came to light earlier this year after a security audit triggered an investigation into who had access to the city's network. Following a confrontation with colleagues in June, Childs was reassigned. He was arrested in July, after refusing to surrender the passwords and usernames for the network to his managers when asked to do so.
In another development that garnered widespread media coverage, Childs only surrendered the password information after San Francisco Mayor Gavin Newsom visited him personally in jail in late July.
The fiber-optic WAN Childs was working with connects all of San Francisco's computers, handles city e-mail, payroll and other functions and also handles some of the systems of the city's police department.
Childs' takeover of the network highlights the danger that insiders can pose to IT networks, often more than any risk to security that outsiders may represent.
San Francisco's Department of Telecommunications and Information Services (DTIS), which was rocked by the incident, has spent a considerable amount of money to ensure that the network has been cleared of hidden traps left by Childs and is now implementing best practices to prevent a recurrence, Ron Vinson, its chief administrative officer, told InternetNews.com.
December 30, 2008
Learn how modern infrastructures demand better insight into web applications and their inherent risks in the form of web application firewalls.