IT admin gets seven years in prison for nuking company servers

Cal Jeffrey

Posts: 3,534   +1,061
Staff member
Facepalm: It's not uncommon for people unhappy with their job to do stupid things to show their dissatisfaction. However, it might be a good idea to at least curb the behavior to acts that are not going to land them in jail. A Chinese IT worker learned this lesson the hard way after being sentenced to hard prison time for "sabotaging" his employer's servers.

A disgruntled IT administrator for a real estate firm was sentenced to seven years in prison for wiping his employer's financial servers. The 40-year-old worker attempted to make the data unrecoverable, prompting the harsh penalty. However, the company was able to rebuild the databases and reenter the lost data at a significant expense.

Chinese news outlet Bejing Roar notes that database administrator Han Bing had warned management at his employer, Lianjia, several times about holes in its database security. Bing allegedly wanted to teach them a lesson, so he erased four servers housing the company's financial information.

The real estate brokerage firm immediately launched an investigation. It quickly narrowed its list of suspects to five people with administrative privileges to the servers, including Bing. Four employees fully cooperated with management and handed over their laptops and passwords. However, Bing refused to give up his username and password, claiming his laptop contained private information.

He agreed to allow investigators to access his laptop in his presence, but they did not find evidence that Bing had done the tampering. However, they determined that he could have erased trace evidence from the laptop. So they began combing through server logs and analyzing surveillance footage.

Investigators found Bing's laptop hostname, MAC addresses, and IP addresses in the server records at the time of the erasures. They confirmed his access with timestamped CCTV footage. None of the other four admins had accessed the servers around those times. They determined that Bing had used the "shred" and "rm" commands to delete and make the data unrecoverable.

After a rejected appeal, the courts found Bing guilty of sabotaging computer information systems and sentenced him to seven years in prison. He must also cough up $30,000 (about 200,000 yuan) in restitution.

Image credit: Hafizi

Permalink to story.

 

Neatfeatguy

Posts: 884   +1,522
My last job, about a year before I started, someone was upset with management and was getting fired (something he brought upon himself). The day before he was fired he went around using other computers, but he had to login with his credentials, and he was remotely logging into customer computers.

Once he got into customer's computers/servers, he went about at erasing databases and deleting the customer's files. For some reason he thought he wouldn't be caught because he was using other people's computers.

Because the guy was accessing customer computer's remotely, some of these customers were in other states so this issue became a federal crime because it took place across multiple states. The FBI got involved and easily tracked down the guy that did it and he went to jail and paid a large fine.

Some people are just stupid.
 

Lionvibez

Posts: 2,679   +2,464
My last job, about a year before I started, someone was upset with management and was getting fired (something he brought upon himself). The day before he was fired he went around using other computers, but he had to login with his credentials, and he was remotely logging into customer computers.

Once he got into customer's computers/servers, he went about at erasing databases and deleting the customer's files. For some reason he thought he wouldn't be caught because he was using other people's computers.

Because the guy was accessing customer computer's remotely, some of these customers were in other states so this issue became a federal crime because it took place across multiple states. The FBI got involved and easily tracked down the guy that did it and he went to jail and paid a large fine.

Some people are just stupid.
Happens when you think you are the smart guy in the room. However Law enforcement usually have someone smarter on their payroll.

And what a way to end your IT career someone people truly are brainless.
 

Mugsy

Posts: 765   +201
A company I once worked for asked me to install a bunch of pirated software on my work PC so I could do my job.

As time went on and it became obvious the company was trying to force me out (hiring someone who knew absolutely nothing and expected me to train them), so I wrote a DOS script that launched on startup to wipe out all the pirated software if I wasn't there to stop it.

Two days later, I was very glad I did. I lost my job, and my replacement had no software upon which to do it.
 

hwertz

Posts: 146   +81
Pretty bad -- I mean, it sounds like they didn't even do anything to piss him off, just refused to heed his advice about securing the servers. That is dumb and an IT person in that position should definitely make sure there's a paper trail showing they warned about lax security and were rebuffed (so the management can't pretend after the fact "Oh, nobody warned me, it must be the IT people's fault.") But wiping servers because you aren't allowed to properly secure them? Wow.
 

PEnnn

Posts: 806   +945
Amateur.

There are so many creative ways to do this and make it look like it was executed from one of the big honchos' computers.....at a much later time in the future, of course.

Heck, the script could erase and format that proxy computer too, after accomplishing the mission!!
 

AmigaInside

Posts: 40   +20
TechSpot Elite
I'd be more interested in the recovery/rebuild process. I've heard about these companies that can supposedly recover "unrecoverable" data at a significant expense.

What does significant mean exactly and what is the wizardry involved?