Slashdot Mirror
2.5 Years in Jail for Planting 'Logic Bomb'
cweditor writes "A former Medco Health systems administrator was sentenced to 30 months in federal prison and ordered to pay $81,200 in restitution for planting a logic bomb on a network that held customer health care information. The code was designed to delete almost all information on about 70 company servers. This may be longest federal prison sentence for trying to damage a corporate computer system, although Yung-Hsun Lin faced a maximum of 10 years." How long before the disgruntled sysadmin replaces the disgruntled postal worker in the zeitgeist?
Ehm, I don't think the disgruntled sysadmin will ever really enter the zeitgeist. If a company has good IT policies and practices in place, the disgruntled sysadmin really isn't that big of a problem.
In my mind, this means that you should always have more than one admin, never giving anybody absolute authority over ALL systems. With offsite backups and redundant systems, the damage any single admin could do would be minimal. Maybe costly in terms of downtime, but nothing that's going to grind your business to a halt. Just as in government, there needs to be checks and balances. Giving a single admin too much power is a very bad idea.
What I want to know is: Why would a sysadmin do things like planting a logic bomb anyway? I mean, we're talking about your PROFESSIONAL REPUTATION here. This guy's never gonna work in IT again.
My blog
Why so destructive? I would be way more effective to place a "corrupter" on the network. Instead of destroying the data, let it gradually corrupt the data. Way more damage, and probably much harder to recover from with backups.
We all have thought about planting a Dead Man Switch. The difference between us and this guy is the same difference between saying you want to kill someone and actually doing it. This guy sucks and deserves prison and to be banned from the workplace. As a Unix Engineer who has survived and been part of layoffs in the past, this type of person is not fair to the rest of the team. If you aren't gonna be the best, don't put scripts in place to punish the people that are.
The saving grace in this case was not the guy who found the script(he of course milked it for what it was worth), but the fact that this guy did things half-assed. His original script had a bug in it(not tested)... these are the same reasons that he probably lost his job to the better people on the team when the cuts came.
Label me a troll if you want... but this guy was trash and is where he belongs.
Of course only if the gulty one is not a company.
:wq!
It probably does exist, but then you get people like you coming along and posting off-topic that ruin it ;)
which is totally what she said
live long and prosper, logic bomber...
If it was financial data I might agree with you, but this guy destroyed medical records. How would you feel if all your medical records were destroyed? Especially if you were right in the middle of chemo, or radio, or treatment for AIDS?
This guy's sentence was not only just, I think it should have been longer. I have a freind in Dwight Correctional Center (a maximum security women's prison in Illinois) for selling a couple of joints to an undercover cop. Are you telling me that destroying medical records is less harmful that marijuana?
mcgrew's razor: Never attribute to stupidity that which can be explained by greedy self-interest
I'm an anesthesiologist. It's virtually impossible for judges and the lay public to determine, really, whether I committed malpractice (absent blatantly criminal acts). In fact, most doctors would probably need a fair amount of exposition to determine whether or not I committed malpractice (as I would, in turn, if faced with a case from another specialty). And yet we are judged by twelve people who could not escape jury duty. Yes, I'd prefer if I were judged only by my colleagues, and so would you. But if that were the case, nobody would ever trust us. It's the price you pay for having a society.
Only when disgruntled sysadmins start damaging meatspace.
When someone blows away the contents of 70 servers, they ARE damaging meatspace. Real time, stress, cash, and possibly very serious side-effects to real meat can result (especially in health care operations and record keeping). We just need more people to be aware of how the things that they pay money for, and get or don't get with the fruits of their labor, are diminished by the acts of crooks and vandals of ALL sorts. Inside IT jackasses, retail store theft/shrinkage - all of that. People don't want to think about it, not least because it's a reminder that there really are just plain bad people out there, and that they cost us all a little (and sometimes not so little) piece of our lives. I don't know about you, but the only life I'm getting is in meatspace. Chip away at that - however indirectly - and you're messing with the only thing that matters. And there are thousands of people chipping away, every day. Disgruntled IT guys aren't any different than disgruntled anyone else, but they can cause damage in unique ways, given their reach and the subtlety of their line of work.
Don't disappoint your bird dog. Go to the range.
Right but the question was "When will going sysadmin replace going postal" and the answer is never because they are fundamentally different entities. Yes, this is a total ass clown thing to do and yes it does lots of REAL damage. People do not end up dead with bullet holes in them; people may be dead because some health services group isn't able to pull their record and gives them medication that they are allergic to but that won't capture the imagination of the American public. Walking in to a public building and opening up with fire arms, has, unfortunately caught the imagination of our society.
Apples and oranges...
Faulty DRM and "software activation" schemes are logic bombs, too.
There is of course a a very important difference, in that they are not intended to do anything but enforce the bombers' legal rights. Or, at any rate, what the bombers credibly believe to be their legal rights.
But when a malfunctioning Microsoft server trips the "kill" switch on legitimate copies of Vista, I think it's fair to call that a logic bomb of sorts.
No, I don't think Bill Gates should do 2.5 years of jail time, but it is disappointing that Microsoft was not held accountable for this beyond a few weeks' of mildly embarrassing publicity.
"How to Do Nothing," kids activities, back in print!
On a separate subject entirely, that ComputerWorld web page is exactly what's gone wrong with the web: The content I wanted to see (the article) is spread out over three pages, and each page only contains approx. 10% of the content I want to see. The other 90% of the page contains shit, and probably blinky shit if I wasn't using Firefox and Adblock Plus. I don't know why web sites do that. Do they actually think they're adding value? Another one on the list of web sites to avoid...
A clever person solves a problem, A wise person avoids it. -Einstein
"How long before the disgruntled sysadmin replaces the disgruntled postal worker in the zeitgeist?"
Well, I think first a sysadmin has to, you know, kill someone. This incident does not even remotely compare with postal shootings. I'm all for hyperbole, but, fuck, it has to be within a couple of orders of magnitude.
--J(K) DOS is like Unix in exactly the same way that a pinto is like an aircraft carrier.
I have been angry at work. I took a more reasonable approach: I quit and found a different job.
--Sam
There are data backups which can be restored
If you trash 70 servers, you are seriously down and out of business for a while. And someone with that degree of access may also have corrupted data that goes way back into your backups. You don't know. You have to check. And for many businesses, being down and out for, say, 48 hours... it's a death sentence. Just-in-time manufacturers, retailers... they can wind up in contract breach, lose customers... if that happened to some retailers during the peak of their holiday sales season, it would bankrupt them. And when an IT person who KNOWS that chooses to shut down a business - and possibly kill it, costing everyone who works there their jobs, and everyone who invested in the business their money, and every customer who uses the vendor a resource - then that's not a bit different than torching their warehouse or otherwise acting to ruin the operations and the people who depend on it and have worked to build it. Three years in prison for deliberately, methodically attempting to ruin other people's lives and livehihood? You think that's too much? Your moral compass is way off, friend.
Don't disappoint your bird dog. Go to the range.
And if a doctor says fuckit and goes ahead with a life saving procedure because their health records are inaccessible due to some asshat fucking up the servers which would have denied the procedure?
rewriting history since 2109
I say that and yet I feel for the guy. I've been disrespected by suits and have gone to sleep fantasizing about wiping a system. It felt good. But in the morning, I got up and went to work to get a job done.
Many in IT are bitter for good reason. Most of the IT in my area was layed off 9/12/2001 and a week later offered their jobs back at half what they were making. A few of my friends have trained their Indian offshore replacements. I see jobs advertised that want 5-7 years expert experience in 12 different programming languages, 10 different platforms and a four year degree with a starting salary less than a manager at McDonnalds would make.
What do you do... We're a new profession with growing pangs. It took a centry for doctors to fight off the mid-wife. Eventually, the world will come to accept that computers are important enough that they want the best people and will treat the Admin with the importance that work entails. It's starting. Google does it. Others do too. We'll get there.
-[d]-
The real panic for the public happens only when individuals fear for their lives.
This is basically the exact reason that Homeland Security is the biggest terrorist organization in the US.(The news media is right up there though...)
Oh, bullshit. Having one set of asshats does not beget the second set of asshats.
Depending on 70 servers to support a business--health care or otherwise--and presuming that someone will simply support them is worse than presuming that your car will simply work if your maintenance is limited to keeping gas in the tank. Worse yet, most of those who employ systems support personnel for important systems tend to treat them like replaceable parts. I am presently engaged in a surreal conversation with a group of people who express shock and dismay that the previous sysadmins here didn't document their procedures--so now there is no one to set up the 20-odd people they've just hired for the expensive and vital business application for which they are responsible. After three meetings, they seem ready to move from denial to anger and bargaining. I doubt that they'll ever consider the management who keep turning over their systems staff to save a little money in the short term. I'm wondering how to break it to them that I'll be out of here before Q2 arrives.
Sure, there are idiot sysadmins out there who think that the job is all online. It's not: it includes a lot of clerical work, from recording serial numbers to negotiating maintenance agreements. On top of that, there are myriad fools who think it's easy, and more than a few who think it's cute to bash the profession.
Further, it's not the kind of job you can just leave at the office. Even if you're not on call--which you kind of are all the time--the problems you're solving tend to stay with you. Conversely, this defines the personality of the career sysadmin: We don't like to let go of unsolved problems.
Developers know very well that software is never perfected--it's just abandoned. Consider that systems software is no different.
IMHO, the penalty we're discussing was handed out by the same type of cluelessly fearful magistrate who thinks s/he can "send a message to hackers everywhere." I presume that most of us here feel the same mix of superiority and dread that the technology we're familiar with--earn our livings with--is far beyond the scope of the law of the land.
On the bright side, systems administration can be awesomely satisfying. You get the chance to save the day, sometimes with a bit of trivial knowledge. You can feel secure in the knowledge that you are a member of a group so elite that there is no training for what you do. It was a sysadmin who figured out that broken computer in the Apollo 13 command module was exactly the same as the intact one in the Lunar Excursion Module.
Consider that systems administrators are only contacted when something is broken, or needs improvement. Try phoning your sysadmin to tell him/her that things are running smoothly, and that you appreciate glad for what s/he does every day and night.
"Press to test."
(click)
"Release to detonate."
An apt metaphor given that crap that most programmers produce. For every 1 decent program there's a few thousand "code monkeys" randomly banging on keyboards until something that passes QA lurches out. Sysadmins are they ones stuck figuring out how build adobe houses out of what they produce.
I know I'm feeding trolls, but it seemed such an apt metaphor, sysadmins cleaning up the crap programmers produce, and the code monkeys thinking that makes them better than the zookeepers.
This is kind of like the difference between blue-collar and white-collar crime. If I physically break into your house and steal a thousand dollars of property, it's blue-collar. If I intentionally falsify tax documents and earnings statements in order to pump up my company's stock value, then cash out for millions of dollars while you and the other stockholders are left holding the bag, it's white-collar.
Both are crimes. The first appears more "meatspace" than the second, but the consequences of the second are much broader and longer lasting -- even in the physical world. If I lose thousands of dollars in investments, it's as good as you stealing it out of my house. If I die because you destroy my medical data, leading to some kind of fatal treatment, you might as well have shot me. And even if nobody would have died, there are still other Very Bad Consequences, like patients becoming developing new conditions as the result of wrong medication (possibly leading to lifelong problems). And there is the small issue of all the MedCo employees losing their jobs, and thousands of hospitals and clinics become snarled up in treatment schedules. This one little thing could easily impact millions of people overnight.
I agree that planting a logic bomb is not the same thing as shooting somebody. It is a different thing; in fact, it's a new kind of sinister that was not even possible a hundred years ago. But it might be just as bad as "going postal."
$nice = $webHosting + $domainNames + $sslCerts