Former San Francisco network engineer Terry Childs has been convicted of locking the city out of its FiberWAN network after learning he might lose his job.
Former San Francisco network engineer Terry Childs was found guilty Tuesday of locking the city out
of its own network.
A jury convicted Childs, 45, of one felony count of denying or
disrupting computer services to an authorized user. Childs was charged
in 2008 after he refused to provide passwords
the city's FiberWAN network. The system contained much of the city's
digital records, including law enforcement documents and city payroll
When Childs heard about impending layoffs, he refused requests from
his bosses to hand over passwords to the network he built. The lockout went on for 12 days
Childs gave the passwords to Mayor Gavin Newsom. While prosecutors
tried to portray him as a disgruntled, vengeful employee, one juror interviewed
after the trial told the San Francisco Chronicle the city allowed the situation with Childs to get out of control.
"We had a lot of sympathy for him," said juror Jason Chilton, who is
a network engineer. "He was put in a position he should not have been
"Management did everything they possibly could wrong," Chilton
continued. "There was ineffective management, ineffective
communication. I think that if they put the city on trial, they would
be guilty, too."
"If I was sentencing Terry Childs, I'd say that -time served' is a
just sentence," opined Michael Maloof, CTO at TriGeo Network Security.
"This needs to end and while I believe his situation was largely
self-inflicted, there's nothing to be gained by a longer
sentence. Anyone contemplating a similar power struggle with
'incompetent' peers and management already knows that the consequences
of an IT mutiny can be severe. Neither Terry nor the city of San
Francisco will benefit from additional jail time as neither seems
willing to accept their role in this debacle."
Phil Neray, vice president of security strategy at IBM's Guardium,
said the incident is a reminder to organizations to have the proper
monitoring technologies in place.
"Most superusers, like Childs, have unfettered access to all of an
organizations' critical information, including system passwords...This
case shows that organizations need to protect themselves by
continuously monitoring all access to sensitive information - including
access to passwords and changes to system privileges, because Childs
used his privileges to block other IT personnel from the network
- and analyzing it in real-time for suspicious activities or
violations of corporate policies," Neray said.
Childs faces up to five years when he is sentenced.