Rogue system admin shuts down servers and deletes core files on the day he is fired, now...

[William Gayde]

The standard procedure when someone leaves a job is to immediately deactivate their accounts and revoke their credentials. This ensures they can't get back in and cause harm if the termination goes sour. What happens though if the person being fired is an IT system administrator in charge of managing those accounts? A near total meltdown in the case of Joe Venzor and boot manufacturer Lucchese.

Venzor was let go from his position at the company's help desk and immediately turned volatile. He left the building at 10:30AM and by 11:30, the company's email and application servers had been shut down. Because of this, all activities ground to a halt at the factory and employees had to be sent home.

When the remaining IT staff tried to restart them, they discovered the core system files had been deleted and their account permissions had been demoted. Eventually the company was forced to hire a contractor to clean up all of the damage, but this resulted in weeks of backlog and lost orders.

While recovering from the attack was difficult, finding out who did it was simple. Venzor was clearly the prime suspect given the timing of the incident, so they checked his account history. They discovered he had collected usernames and passwords of his IT colleagues, created a backdoor account disguised as an office printer, and used that account from his official work computer. He was arrested last year and pleaded guilty yesterday. He is scheduled for sentencing in June and is looking at up to 10 years in prison and a $250,000 fine.

Permalink to story.

https://www.techspot.com/news/68753-rogue-system-administrator-shuts-down-servers-deletes-core.html

 

[amstech]

Never make decisions when you're angry, never make promises when your happy.

 

[dirtyferret]

Never make decisions when you're angry, never make promises when your happy.

and never get involved in a land war in Asia

 

[davislane1]

He created a backdoor that led him to a cell door.

 

[Skidmarksdeluxe]

He may have felt a rush and a sense of satisfaction after the deed was done (I probably would have if it was me) but I'll bet he's regretting it now. Somehow I don't think he'll get a 10 year stretch or pay the hefty fine but that depends on how smart his mouthpiece is. You get lawyers and you get lawyers, some are good at keeping their clients out of hot water while others are good at keeping their bar stools toasty warm.

 

[MarkHughes]

So, How does he go about paying the fine ? I mean, He will have very limited options for income the next 10 years and most certainly won't have an easy time getting work in IT after, so how does that work ?

 

[Evernessince]

I can understand the fine but 10 years seems a bit much.

 

[TomSEA]

So, How does he go about paying the fine ? I mean, He will have very limited options for income the next 10 years and most certainly won't have an easy time getting work in IT after, so how does that work ?

Most court fines are never paid back. Usually the company has to hound them through legal means until the day they die to get pennies back on the dollar they're owed.

 

[GreenArrow]

I can understand the fine but 10 years seems a bit much.

they are trying to make an example out of him

 

[MonsterZero]

He created a backdoor that lead him to a cell door.

Now he's gonna be getting it in the backdoor!

 

[hahahanoobs]

I can understand the fine but 10 years seems a bit much.

Up to 10 years.

 

[umbala]

People always freak out when they see a big number like "10 years" and their brain seems to delete the "up to" phrase right in front of it. The maximum he COULD get is 10 years, but if he doesn't have any previous run-ins with the law then they'll probably go easy on him. While 10 years would definitely be too much for this kind of crime, I do hope they make an example out of him and he doesn't just get off with probation and a fine.

 

[DelJo63]

TOTAL Middle management failure.

• at no time does ONE individual own the keys to the kingdom
• inadequate backup-recovery plan that was not written, not exercised, not tested
• missing audit for active logins and person assigned
  
• worthless HR department for not preparing the manager & staff for the dismissal

Sometimes these companies reap what they sow - - incompetence.

 

[cartera]

I think the 'securing the ship' once an admin has left is all to often left out. I know for a fact my old company hasn't removed my admin rights because I'm still good friends with the other admins and they told me it's still active! Disabling it apparently caused a few issues. I would like to hope they at least removed VPN rights and changed the password though.

 

[wizardB]

Looks like they are trying to give him a longer sentence then they give to murderers...don't mess with corporations they own the government.

 

[Puiu]

TOTAL Middle management failure.

• at no time does ONE individual own the keys to the kingdom
• inadequate backup-recovery plan that was not written, not exercised, not tested
• missing audit for active logins and person assigned
  
• worthless HR department for not preparing the manager & staff for the dismissal

Sometimes these companies reap what they sow - - incompetence.

Come on dude, we are talking about a company that specialises in making boots not a bank or huge IT company.

 

[DelJo63]

Come on dude, we are talking about a company that specialises in making boots not a bank or huge IT company.

IT Management is - - Management. In this case, incompetent management. Watch the Board of Directors go berserk if the internal systems go down due to a disaster and no one has an idea what to do or how to proceed!

If you can't stand the heat, get out of the kitchen!

 

[wizardB]

Come on dude, we are talking about a company that specialises in making boots not a bank or huge IT company.

And we're talking about courts that care more about corporate profit then they do about your life.

 

[Lagoon Creature]

Alright so punish the guy... but seriously there are dudes raping women without a single day in prison this is just stupid.

 

[mizkitty]

When?
Where?
How come I have to Google every article to get more details?

FYI...El Paso...and his Dad is a doctor...so lots of family money...

 

[Lionvibez]

A help desk analyst usually doesn't have this kind of access. The title says system admin which is someone that would have access to all these servers so which is it?

 

[gibbstar]

He created a backdoor that led him to a cell door.

which, in turn, opened up his back door to his cell mates

 

[Darth Shiv]

TOTAL Middle management failure.

• at no time does ONE individual own the keys to the kingdom
• inadequate backup-recovery plan that was not written, not exercised, not tested
• missing audit for active logins and person assigned
  
• worthless HR department for not preparing the manager & staff for the dismissal

Sometimes these companies reap what they sow - - incompetence.

Well you've got to have someone trustworthy in the position or if you are going to get rid of them, you need to work that stuff out that you say.

 

[sdms96825]

So, How does he go about paying the fine ? I mean, He will have very limited options for income the next 10 years and most certainly won't have an easy time getting work in IT after, so how does that work ?

Most court fines are never paid back. Usually the company has to hound them through legal means until the day they die to get pennies back on the dollar they're owed.

Actually a fine is not paid to the company -- it is paid to the government (local, state, or federal) because this is a criminal, not civil, case. The court could also order restitution (damages suffered by the victim) which might be quite high in this case.

 

[QuaZulu]

So, How does he go about paying the fine ? I mean, He will have very limited options for income the next 10 years and most certainly won't have an easy time getting work in IT after, so how does that work ?

Most court fines are never paid back. Usually the company has to hound them through legal means until the day they die to get pennies back on the dollar they're owed.

And isn't that a wonderful way to spend the rest of your life - hounded for money and legal fees; no one hiring you because of your previous behavior. Shesh! A few minutes of perverted pleasure, a lifetime of pain and sorrow. Think first!