Terry Childs Convicted of Locking San Fran out of Network

Former San Francisco network engineer Terry Childs has been convicted of locking the city out of its FiberWAN network after learning he might lose his job.

Former San Francisco network engineer Terry Childs was found guilty Tuesday of locking the city out of its own network.

A jury convicted Childs, 45, of one felony count of denying or disrupting computer services to an authorized user. Childs was charged in 2008 after he refused to provide passwords to the city's FiberWAN network. The system contained much of the city's digital records, including law enforcement documents and city payroll records.

When Childs heard about impending layoffs, he refused requests from his bosses to hand over passwords to the network he built. The lockout went on for 12 days before Childs gave the passwords to Mayor Gavin Newsom. While prosecutors tried to portray him as a disgruntled, vengeful employee, one juror interviewed after the trial told the San Francisco Chronicle the city allowed the situation with Childs to get out of control.

"We had a lot of sympathy for him," said juror Jason Chilton, who is a network engineer. "He was put in a position he should not have been put in.

"Management did everything they possibly could wrong," Chilton continued. "There was ineffective management, ineffective communication. I think that if they put the city on trial, they would be guilty, too."

"If I was sentencing Terry Childs, I'd say that -time served' is a just sentence," opined Michael Maloof, CTO at TriGeo Network Security. "This needs to end and while I believe his situation was largely self-inflicted, there's nothing to be gained by a longer sentence. Anyone contemplating a similar power struggle with 'incompetent' peers and management already knows that the consequences of an IT mutiny can be severe. Neither Terry nor the city of San Francisco will benefit from additional jail time as neither seems willing to accept their role in this debacle."

Phil Neray, vice president of security strategy at IBM's Guardium, said the incident is a reminder to organizations to have the proper monitoring technologies in place.

"Most superusers, like Childs, have unfettered access to all of an organizations' critical information, including system passwords...This case shows that organizations need to protect themselves by continuously monitoring all access to sensitive information - including access to passwords and changes to system privileges, because Childs used his privileges to block other IT personnel from the network - and analyzing it in real-time for suspicious activities or violations of corporate policies," Neray said.

Childs faces up to five years when he is sentenced.