Slashdot Mirror
Sysadmin Gets Two Years In Prison For Sabotaging ISP (bleepingcomputer.com)
After being let go over a series of "personal issues" with his employer, things got worse for 26-year-old network administrator Dariusz J. Prugar, who will now have to spend two years in prison for hacking the ISP where he'd worked.
An anonymous reader writes: Prugar had used his old credentials to log into the ISP's network and "take back" some of the scripts and software he wrote... "Seeking to hide his tracks, Prugar used an automated script that deleted various logs," reports Bleeping Computer. "As a side effect of removing some of these files, the ISP's systems crashed, affecting over 500 businesses and over 5,000 residential customers."
When the former ISP couldn't fix the issue, they asked Prugar to help. "During negotiations, instead of requesting money as payment, Prugar insisted that he'd be paid using the rights to the software and scripts he wrote while at the company, software which was now malfunctioning, a week after he left." This tipped off the company, who detected foul play, contacted the FBI and rebuilt its entire network.
Six years later, Prugar was found guilty after a one-week jury trial, and was ordered by the judge to pay $26,000 in restitution to the ISP (which went out of business in October of 2015). Prugar's two-year prison sentence begins December 27.
When the former ISP couldn't fix the issue, they asked Prugar to help. "During negotiations, instead of requesting money as payment, Prugar insisted that he'd be paid using the rights to the software and scripts he wrote while at the company, software which was now malfunctioning, a week after he left." This tipped off the company, who detected foul play, contacted the FBI and rebuilt its entire network.
Six years later, Prugar was found guilty after a one-week jury trial, and was ordered by the judge to pay $26,000 in restitution to the ISP (which went out of business in October of 2015). Prugar's two-year prison sentence begins December 27.
... simply telling them he wasn't interested in helping them with the problem. If you're going to do something like this, you have to learn to balance ego and revenge.
And keep a copy of your stuff on hand before you get fired.
I should use this sig to advertise my book ISBN-13 : 978-1501515132.
You gotta hand it to the guy for negotiating for the rights to the software. He kinda was *TRYING* to do the right thing by making sure he had the proper rights to the software (presumably before he sold it himself). A more unscrupulous man might just have stolen the software and used it to start his own business without any notification at all.
I think his intent was to gain ownership of his scripts in the hops he could hide is tracks or at least obscure his sabotage.
The world's burning. Moped Jesus spotted on I50. Details at 11.
"Judge Rambo ordered Prugar to pay $26,000 in restitution."
I guess its better than getting sentenced by Judge Dredd.
As making a living out of being all things 'admin' (sys/network/engineering, ect.), he totally deserves this. This guy is total amateur-hour and quite simply deserves what he got. If it was really about your scripts, then they were probably garbage anyway. Any admin with have a brain keeps copies of their stuff; I actually use version control systems right long with software developers and engineers, so an even bigger reason to manage your domain better.
I'm sure he had a fair bit of perceived egotism and elitism in his attitude and work ethic, which made the situation what it was and resulted into today for him.
Even that, if he was able to log on to absolutely anything after his contract was terminated, then shame on the ISP, too. That's probably why they don't exist anymore. In any fairy constructed IT shop of sys-admins, regardless of how the rest of his co-workers felt about the situation of all of it, his access to everything would have been gone the second he was being walked out the door by security, HR, ect.
Hacking is just a popular term with no legal meaning. The actual laws would have been against unauthorized access and causing damage. And yes, the access was clearly unauthorized regardless of the method used.
Uh. No. legit access stops as soon as he is terminated. Still having an old house key to a place that you used to live does not entitle you to go into that house uninvited at your own discretion
File under 'M' for 'Manic ranting'
It would depend on how well the prison is ran.
Often the jails are just filled with drug offenders. Not the harden criminals. For a nerd it would be like being at high school again.
However many IT Guys are just as big and tough as any other person who goes into prison. This is 2016 not the 1980's Revenge of the Nerds movies.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
"However many IT Guys are just as big and tough as any other person who goes into prison. This is 2016 not the 1980's Revenge of the Nerds movies"
Quite true. More than a few of the sysadmins I know are outdoorsy types in good shape and a couple are really big fella. The one I know who's most like Prugar is 6-2, 250 lbs. He may not be a streetfighter but he's far from the 1st person you'd think of trying to push around - although you're welcome to try.
Pain is merely failure leaving the body
And keep a copy of your stuff on hand before you get fired.
If you were doing it at work on company systems it's probably not "your stuff" anyway, it's probably small utilities he used to make his job easier. If you want to do something for yourself do it on your own time on your own machine, don't use any company resources and try not to do anything that would make them question your loyalty to your day job. Being a consultant or contractor is fine because everyone knows that. Being an employee with a secret double agenda is not.
Live today, because you never know what tomorrow brings
It can be assumed that if the username/password works access is authorized
Authorized by the computer system, yes. But not authorized by the employer.
If it weren't for deadlines, nothing would be late.
This kind of thinking is what got him in trouble. It's not your stuff. It's work for hire, and they own the copyright. If your company were to discover you took software with you (written on their time), and they actually cared, they could have you arrested for theft.
Real pros design their code with subtle flaws that will make it fail a few weeks after they get fired, and then obfuscate it in a way that looks like they are just a plausibly crap programmer. Throw in a few random frameworks for misdirection and convert the odd critical function to COBOL, and you have guaranteed employment for life.
At least, that's what I assume pros do, based on the code I have to maintain.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
Arrested for theft? Not really.... they could sue for copyright infringement though.