|
|
|
SF IT System Lockout Continues
By Chris Preimesberger
2008-07-17
Article Views: 37292
Article Rating: / 35
| Rate This Article: |
|
| Add This Article To: |
|
|
Administrators still cannot access San Francisco's main IT system, thanks to a now jailed employee who changed all the passwords and won't give them to authorities.An IT employee who is charged with gumming up the works at
the City and County of San Francisco's main data center by changing
access passwords for administrators could have been stopped short of
crippling access to the system if IT management had had the right
security software in place.
Terry Childs, 43, of Pittsburg, Calif., pleaded not guilty in court July
17 at his arraignment on four felony counts of computer tampering.
Childs remains in custody in lieu of $5 million bail. Childs, who makes
$127,000 per year and has worked for the city for five years, has a
bail hearing set for July 23.
Childs, a network administrator for the Department of
Technology, is charged with tampering with the system's
FiberWAN (Fibre Channel-connected wide-area network), which contains
San Francisco's sensitive Human Resources, payroll and other personal
data. He created an administrative password that provided him superior
access to the network.
Childs, who was arrested July 13, refuses to divulge to authorities the new secret password he concocted—even four days after his arrest.
Childs is accused of "tampering with the City and County of San
Francisco's FiberWAN network system in such a way as to deny other
authorized administrators access to the network and to set up devices
to gain unauthorized access to the system," according to a statement
from District Attorney Kamala Harris' office.
The city system—which
handles most of the city's digital records, including confidential law
enforcement documents, inmates' bookings, payroll records and
departmental e-mail—apparently
has no back-door access, even for highly authorized administrators.
City officials were still trying to figure out how to get back into the
FiberWAN Thursday afternoon.
City and County of San Francisco technology department manager Ron
Vinson declined to return numerous messages left on his office phone by
eWEEK. Mayor Gavin Newsom has had little or nothing to say publicly
about the case thus far. Law enforcement officials have been
tight-lipped with the media.
Security companies that sell into this market are beginning to come
forward with their expertise to discuss the incident. EMC's RSA
Security—which also uses a relatively new security approach called dynamic security—Hewlett-Packard, Sun StorageTek, IBM and NetApp are the larger IT companies that sell centralized key management.
Cyber-Ark, an identity
management specialist based in Newton, Mass., said that the network
lockout could have been avoided if managers had operated a
higher-security approach to master passwords.
"This is yet another example of the power privileged identities, such
as administrative passwords, have and the havoc they can cause in the
wrong hands," said Cyber-Ark Vice President Adam Bosnian.
"Hackers, or rogue employees such as this case, are savvier on how to
create the most damage with the least effort, and the use of admin
passwords does just that. Unfortunately, the San Francisco department
left themselves wide open by not taking their privileged identity
management seriously."
A city spokesperson estimated that this internal breakdown will cost
millions of dollars in repairs. Though the network is running, there is
still no way for IT administrators to access it at this time.
"It is critical to take a more proactive approach to secure company
back doors," Bosnian said. "Companies install complex systems for
personal passwords and overlook the more numerous privileged passwords
and identities that provide even more system access. These security
breakdowns will continue to occur until these keys to the kingdom are
securely centralized and managed."
| | Discuss SF IT System Lockout Continues | | | | | | | Centralized management does not prevent this sort of thing from happening. It only... | | | | | | Is he not the Chief Administrator? Is it not the job of the Chief Administrator to... | | | | | | It seems to me that the most important questions, is why did this admin do this?... | | | | | | Many of the companies that have stepped forward to 'point out the danger' are simply... | | | | | | The City of San Francisco retains all the movie rights for this incident. The... | | | | | | i agree with craig. its about time people start to question why someone would... | | | | | | I will be brief. If a known terrorist had done what this fellow had done, he would... | | | | | | Indeed this is a felony violation of the USA Patriot Act, very clear cut, very... | | | | | | The insightful comments about management/employee relations restore my faith in the... | | | | | | It seems like everyone has assumed guilt here. He has pleaded not guilty. To provide... | | | | | | Concurrence administration where the top-level rights can only be assigned or... | | | | | | Nice idea. How would this work? Is it a third-party app or home-brew? | | | | | | So, what would happen if two or three of these trusted people were on the same... | | | | | | This is Chris P, reporter on this story. Thanks, Craig, for your comment, which is... | | | | | | POE or a combination of those three letters. We can still send the recall code! | | | | | | If he demands his job or full pay and retirement as the price of revealing the... | | | | | | Whatever happened to a simple admin recovery bootdisk to reset the password at the... | | | | | | We live in "desperate times"?!?!? Lord. Let me guess - you are under 30 yrs... | | | | | | Does anyone remember how Newman (Seinfeld character)took control of the computers in... | | | | | | Since he tampered with a government computer system, they should charge him with... | | | | | | Thanks for the complement. I like to believe I think like somebody under 30, but in... | | | | | | I'm starting an office pool based on what the password could be.
Some suggestions... | | | | | | I like this idea. How about some more possible... | | | | | | thanks for your kind words, and as it happens, I spend a great deal of my time... | | | | | | Hang the guy up by the balls! | | | | | | that leaves signs of torture. WATERBOARD him. :) | | | | | | Passwords in an off site, secured, envelope is decent plan. It does not solve every... | | | | | | The proper way to separate a tenured employee is to offer a suitable separation... | | | | | | Learn the facts n00bs. Suggestion that a US citizen who has allegedly committed an... | | | | | | So, it is faschist to put US-citisen on Guantanamo jus on suspision of a crime, but... | | | | | | >>> Post your comment now! | | | | | |
|
 |
|
|
|
| |
