2.5 Years in Jail for Planting 'Logic Bomb'

cweditor writes "A former Medco Health systems administrator was sentenced to 30 months in federal prison and ordered to pay $81,200 in restitution for planting a logic bomb on a network that held customer health care information. The code was designed to delete almost all information on about 70 company servers. This may be longest federal prison sentence for trying to damage a corporate computer system, although Yung-Hsun Lin faced a maximum of 10 years." How long before the disgruntled sysadmin replaces the disgruntled postal worker in the zeitgeist?

wow, that's harsh

[jollyreaper]

I would like to give this admin credit for not just walking into the place with a high-powered assault rifle and shooting at random.

I've heard some tales of the disgruntled from back in the day. The most common "I quit" sabotage was taking the reel-to-reel's from the library and dumping them in a sink with water. But the worst worst worst one I heard of, one that could even be an urban legend because of how evil it is, it was the revenge of an angry admin who wanted the company to pay dearly for the evils visited upon him. He sets up this program that doesn't run until several months after he leaves the company. Note, this is back in the days of tapes and computer operators who worked the night shift and moved the tapes from one drive to another, 1970-somethings. Anyway, what his program did was step through EVERY tape in the library. He shuffled it in a random order so nobody would become suspicious. The operator just follows the prompting on his terminal, never the wiser. By the time the sequence is complete, every tape has been erased. As the story goes, the company had no offsite backups and was ruined.

Revenge fantasies are fun but seriously, a job is a job. If you go out in a blaze of glory at one, it will make finding the next one a lot more difficult, especially with a felony on your record. But I guess if he was thinking clearly we wouldn't be reading about this in the first place.

Nice work if you can get it

[MillionthMonkey]

I once worked for a guy who had to maintain some code that a consultant had written several months before. (Ironically this was at a place that handled medical records.) He stumbled across a logic bomb in the consultant's code that hadn't gone off yet. I forget the details but he said it was some sort of obfuscated routine that used a number of inputs, including the timestamp, to produce its outputs, and the timestamp was a legitimate input needed by the routine for real reasons. It was being manipulated with some goofy number in some way to cause an overflow on a certain date, which was still several months away.

So he figures, oh, it's a logic bomb, and not being terribly intrigued by it enough to study it, he just kicked up the number to push the deadline back by a century and left it at that.

Three or four days after the bomb was set to go off, they got a phone call from the guy asking if they had any work for him.