Slashdot Mirror


Former Fed Employee Fined $5,000 For Installing Bitcoin Software On Server (bloomberg.com)

An anonymous reader quotes a report from Bloomberg: A former Federal Reserve employee was sentenced Friday to 12 months probation and a $5,000 fine after pleading guilty in October to installing unauthorized software on a computer server at the U.S. central bank. Nicholas Berthaume, who as a communications analyst had access to computer servers at the Fed's Board of Governors in Washington, installed software that connected to an online bitcoin network in order to earn units of the digital currency, according to a statement Monday from the central bank's Office of Inspector General. Berthaume also "modified certain security safeguards so that he could remotely access the server from home," the statement said. When confronted, he tried to cover up his actions by deleting the software; eventually he was fired and admitted guilt, the office said. His actions didn't result in the loss of any Fed information, and the board has enhanced security since the incident, the internal watchdog said. The story was first reported by The Wall Street Journal (Warning: source may be paywalled).

80 comments

  1. Why bother? by houstonbofh · · Score: 1

    Why bother? It is not like those servers can compete with ASIC mining anyway...

    1. Re:Why bother? by rmdingler · · Score: 4, Insightful

      Why bother? It is not like those servers can compete with ASIC mining anyway...

      Curiosity: can I make it work and can I get away with it.

      Value: it's free electricity.

      Rick/reward fail: Failure to see the consequences of being caught will outweigh the likely reward.

      It is quite surprising this hasn't happened more often, unless there's an interest in keeping the discovery and dismissal in house.

      --
      Happiness in intelligent people is the rarest thing I know.

      Ernest Hemingway

    2. Re:Why bother? by tlhIngan · · Score: 4, Insightful

      Why bother? It is not like those servers can compete with ASIC mining anyway...

      That's only if you're trying to make a profit out of mining and you have expenses like real estate, electricity, the mining hardware, etc.

      If you didn't have all that overhead, CPU based mining is more than adequate, especially if you have free real estate, free electricity and free hardware. Sure you'll mine slowly, but it's all profit.

      Some ransomware does this, as do many malware - when you have a botnet of 500,000 for free use, bitcoin mining isn't terribly bad, especially since it's all free to you.

    3. Re:Why bother? by Highdude702 · · Score: 1

      Well, with this coming out I'm sure there will be copycats. So I would assume depending on the firm/government agency it is best to keep this under wraps even if not to give others ideas is the only reason.

    4. Re:Why bother? by wasteoid · · Score: 1, Informative

      Here's your Rick reward.

    5. Re:Why bother? by rmdingler · · Score: 1

      I rolled right into that.

      Nearly 280 million views... I wonder how many of those were intentional.

      --
      Happiness in intelligent people is the rarest thing I know.

      Ernest Hemingway

    6. Re:Why bother? by DivineKnight · · Score: 1

      Meanwhile the NSA has ordered up another ~50 million or so GPU cores for their latest encryption / decryption servers...I'm not saying that they could run the BitCoin exchange if they wanted to, but they totally could.

    7. Re:Why bother? by ArchieBunker · · Score: 1

      At this point, what would be the average time for a GPU or even a CPU to mine a bitcoin?

      --
      Only the State obtains its revenue by coercion. - Murray Rothbard
    8. Re:Why bother? by rmdingler · · Score: 2

      Apparently, it's a bit like the lottery in that it only seems to make dollars if you don't have any sense.

      --
      Happiness in intelligent people is the rarest thing I know.

      Ernest Hemingway

    9. Re:Why bother? by DontBeAMoran · · Score: 1

      Oh, so I have a good chance of making a profit then?

      --
      #DeleteFacebook
    10. Re:Why bother? by Anonymous Coward · · Score: 0

      A common fallacy, but no, they couldn't. Bitcoin network hashrate is currently 37696874 petaflops. Assuming the latest GPU can pull 10 teraflops, they'd need 3.7 billion GPUs. Not happening.

    11. Re:Why bother? by Spookticus · · Score: 2

      I watch it every month or so because I like the song. I think I've ever watched it unintentionally once, which led me to watch it again a few more times :)

    12. Re:Why bother? by dbIII · · Score: 1

      To a thief the hardware and power they can get for nothing is cheaper than an ASIC they have to buy.
      See also Bitcoin miner trojans.

    13. Re:Why bother? by dbIII · · Score: 2

      It is quite surprising this hasn't happened more often,

      Here's one from as far back as 2011:
      https://thenextweb.com/au/2011...
      It's probably not making the news so much because it's probably normally thought of as a petty crime.

    14. Re:Why bother? by l0n3s0m3phr34k · · Score: 1

      Totally, that's why I'm in the process of rolling out a bitcoin miner across my entire company's Windows infrastructure!

    15. Re:Why bother? by DigiShaman · · Score: 2

      Don't give Micro$oft any ideas!

      --
      Life is not for the lazy.
    16. Re:Why bother? by rtb61 · · Score: 2

      Not if you start it, then it is a straight up ponzi scheme. Late comers' greed creates the false sense of credibility about your imaginary pile of loot. Real problem in getting rid of your hoard: a billion dollars of fake currency is a real tough sell (kind of really, really, collapses the value of your imaginary currency). Take the US dollar, it keeps the entire US defence force to back the illusion of the made up money and the US Fed, don't want to play and they will pretty much kill you (on a country level of course, not an individual level).

      --
      Chaos - everything, everywhere, everywhen
    17. Re:Why bother? by Anonymous Coward · · Score: 0

      "the BitCoin[sic] exchange"

      wat?

    18. Re:Why bother? by houghi · · Score: 2

      I could see this being a "Here is an official warning. Fuck up one more time and you are gone." situation in many companies. I know of one such case. It wasn't a Bitcoin thing as that did not exist.

      It would depend on the company, situation and what not. I live in Belgium, Europe, so that would be a factor as well. Do it at a bank? You are done. Do it at a local supermarket? Warning.
      The result would obviously depend on what you do the rest of the time. If you are an outstanding employee that has done a lot for management, it will be different than one that is always late, performs badly and moans a lot.

      Also people who get fired over this would also not want it to be public knowledge as it will be already hard enough to get a job anyway. Nobody wins if it becomes public.

      --
      Don't fight for your country, if your country does not fight for you.
  2. You may not create money by Anonymous Coward · · Score: 5, Funny

    You may not create money! What do you think this is the federal reserve bank or something?

    1. Re:You may not create money by DontBeAMoran · · Score: 1

      Score: 1677215, Funny.

      --
      #DeleteFacebook
  3. I wonder how such fool had admin rights to anythin by Anonymous Coward · · Score: 0

    Admin rights to a server? Through firewall and proxy? Seriously? Shitty security at its finest!

  4. Again? by RatBastard · · Score: 4, Insightful

    Reminds me of that guy who got sacked a while back for loading SETI at Home on a bunch of servers at his work.

    Is it really that hard to remember that the computers at your employer's company are not yours?

    --
    Boobies never hurt anyone. - Sherry Glaser.
    1. Re:Again? by MightyMartian · · Score: 1

      Well, at least he didn't do something really dire and criminal like tweet about climate change.

      --
      The world's burning. Moped Jesus spotted on I50. Details at 11.
    2. Re:Again? by Tablizer · · Score: 1

      Reminds me of that guy who got sacked a while back for loading SETI at Home on a bunch of servers at his work. Is it really that hard to remember that the computers at your employer's company are not yours?

      Actually they belong to Europa. Don't touch them and don't land there.

    3. Re:Again? by ScentCone · · Score: 1

      didn't do something really dire and criminal like tweet about climate change

      You mean, make official communications on behalf of a federal agency when the person in charge of that agency is in the middle of replacing - as happens regularly - the politically appointed management of that agency? Yeah, like that.

      I suppose, though, you'd have been cool with an employee of NASA making tweets from official government accounts about Putin's secret moon base where he produces pieces for his mind control ray machine. Right? No? I see. Communicating from official channels on behalf of the federal government is an activity subject to the executive branch's directives. We're ONE WEEK into that changing hands. Maybe give it a rest for a few minutes?

      --
      Don't disappoint your bird dog. Go to the range.
  5. Re:I wonder how such fool had admin rights to anyt by tomhath · · Score: 2

    Shitty security at its finest!

    He got caught.

  6. Lovely! by p51d007 · · Score: 1

    How ironic!....looking for MONEY(bit coin), by using the federal reserve bank computer server. Love it!

  7. Sad But True by CrashNBrn · · Score: 4, Insightful

    Good thing we didn't live in this environment at the "dawn of networked computing" in the 80's. Most of the muds ran at the behest of unix sys-admins at Universities... under the radar of the University Dept Heads in most cases.

    1. Re:Sad But True by Anonymous Coward · · Score: 2, Insightful

      There is a difference between running a mud and running a bitcoin miner eating 100% CPU/GPU all the time. There is also the hardware advancement computers have made in the past decades: CPUs and GPUs now all enter a powersaving mode when they aren't used to their full potential. The employee was practically converting additional dollars on his employer's electricity bill into bitcoins in a very lossy fashion.

    2. Re:Sad But True by gsslay · · Score: 1

      The point is that back in the 80s there was nothing like the security concerns that exist in a modern day central bank.

    3. Re:Sad But True by Anonymous Coward · · Score: 0

      True but when I have to load test the HPC facility at work I look after ...

  8. Re:I wonder how such fool had admin rights to anyt by ShanghaiBill · · Score: 2

    Admin rights to a server?

    You don't need admin privileges to mine bitcoins. A normal user login is enough.

    Through firewall and proxy? Seriously?

    Even a web browser can do that. Where I work, this many people are unable to access outside servers: 0.

  9. Stupid and unprofitable by vadim_t · · Score: 2

    I looked into it out of curiosity about a year ago and concluded that I could make somewhere around $5 - $15 a month, while spending more on power. It long stopped being worth mining with common hardware.

    Of course using someone else's equipment you don't have that downside, but those consequences far outweigh whatever pocket cash he made from it, unless it was installed on an entire cluster.

    1. Re:Stupid and unprofitable by JustNiz · · Score: 2

      Yep, bitcoin mining long ceased to be viable on regular PC hardware. Anyone doing profitable mining is using dedicated ASIC-based hardware.

      Bitcoin miners are basically an arms race; unless you're developing your own ASICs and keeping it private, it's not even worth buying ASIC-based hardware anymore because by the time you get it, the "difficulty factor" (steadily increasing artificial factor designed to limit the amount of bitcoins produced) has been raised so much by other people mining with similar hardware, there's not enough time left to recoup purchase price then make any profit before your hardware is no longer powerful enough to mine enough to pay for its own electricity.

      The only viable way to make money with bitcoin these days is to just buy/sell/trade them and leave the mining to the big boys, who are mostly in China apparently.

    2. Re:Stupid and unprofitable by DontBeAMoran · · Score: 1

      What you said used to be true because the difficulty was ramping up every few weeks/months, but today it's much slower. The next jump is supposed to be around 2020. http://www.bitcoinblockhalf.co...

      --
      #DeleteFacebook
    3. Re:Stupid and unprofitable by Troed · · Score: 1

      The halving of block rewards (always every four years) has no relation to changes of difficulty (changes depending on total hashrate to keep block intervals regular).

    4. Re:Stupid and unprofitable by DontBeAMoran · · Score: 1

      Ah, I see. I thought the difficulty changed at the same time as the halving.

      --
      #DeleteFacebook
  10. Bitcoin, the currency of criminality by Anonymous Coward · · Score: 0

    One sucker after the other...

    1. Re:Bitcoin, the currency of criminality by ASDFnz · · Score: 2

      Bitcoin, the currency of criminality

      Na, that is USD.

      Sure, some people use bitcoin in their "criminal empire" but that is a mere pittance compared to normal fiat cash.

    2. Re:Bitcoin, the currency of criminality by Highdude702 · · Score: 3, Insightful

      100% correct. Until drug dealers on the street start accepting Bitcoin for purchases, its criminality hides in the shadow of the current USD. I'm pretty sure you can buy drugs in almost any country on this planet with US currency.

    3. Re:Bitcoin, the currency of criminality by ArchieBunker · · Score: 1

      Are you kidding? I could be independently wealthy now had I bought bitcoins back when they were worth pennies. I'd buy Amazon gift cards with bitcoins and then sell the cards for cash.

      --
      Only the State obtains its revenue by coercion. - Murray Rothbard
  11. FIRE HIM !!! by Anonymous Coward · · Score: 0

    FIRE HIM !!!
    Put him in jail.
    This is 1000 times worse than anything Hillary was accused of.
    JUST PROBATION????
    That's CRAZY.

    1. Re:FIRE HIM !!! by HornWumpus · · Score: 1

      Hillary new the first rule: _Never admit to nothin._

      --
      John McAfee 'It was like that time I hired that Bangkok prostitute; to do my taxes, while I fucked my accountant'
    2. Re:FIRE HIM !!! by Anonymous Coward · · Score: 0

      Hardly a new rule.

      The next rule is deny until the storm blows over.
      The next rule is to have a good scapegoat.
      The next rule is to say 'oops sorry' ....
      Profit

    3. Re:FIRE HIM !!! by Anonymous Coward · · Score: 0

      And don't leave any witnesses

    4. Re:FIRE HIM !!! by Tablizer · · Score: 1

      I suspect H actually didn't know. Most, perhaps all, of the "problem emails" were sent TO her by others. She wouldn't just automatically know; should she keep asking for all 40,000 sent? Are we there yet? Are we there yet? Are we there yet? 40,000 fricken times.

      It shouldn't be her job to vet them anyhow, a low-level grunt could vet them for say 1/5 the cost. As far as the "(c)" markings, those are commonly used for many different things.

      Example:

      https://leginfo.legislature.ca....

    5. Re:FIRE HIM !!! by Tablizer · · Score: 1

      I don't think somebody should outright be fired for something like this. Fined and suspended for a few months is sufficient. People make mistakes and deserve a second chance, barring something extreme. Those punished are usually more careful than average anyhow. They are probably less likely to make more such mistakes than their replacement.

      If he/she does something stupid a second time, THEN boot 'em.

    6. Re:FIRE HIM !!! by Anonymous Coward · · Score: 0

      No the Problem emails are ones sent by her. Ones sent to her are not her legal responsibility other than failure to report them (a felony) but the Feds would then be going after every person who sent her classified information over the internet. Rather the problem is that she consistently sent classified data over the unclassified network. And act that intentional or unintentional is a felony count for every instance. And claiming it unintentional for repeatedly transferring classified information from the physically separate classified networks to the unclassified network is a very hard argument to make successfully in court. One or two instances you can usually explain away as accidental, hundreds? Not a chance, that was deliberate compromise of classified information.

    7. Re:FIRE HIM !!! by Tablizer · · Score: 1

      [An] act that intentional or unintentional is a felony count for every instance.

      Wrong.

      but the Feds would then be going after every person who sent her classified information

      I don't know why they are not, other than the "intention" bottleneck would keep coming up over and over. They were the originators of putting most of the wrong info on the unclassified systems (regular generic office email) to begin with.

  12. Re:I wonder how such fool had admin rights to anyt by Anonymous Coward · · Score: 0

    Where I work, this many people are unable to access outside servers: 0.

    How many of them can connect to inside servers (DMZ does not count) from the outside?

  13. Why isn't he in jail? by Anonymous Coward · · Score: 0

    He installed this crap on a computer server at the U.S. central bank.
    Not his home computer but a server at the U.S. central bank.

    1. Re: Why isn't he in jail? by Anonymous Coward · · Score: 0

      He installed this crap on a computer server at the U.S. central bank.
      Not his home computer but a server at the U.S. central bank.

      Because the US doesn't have a central bank.

      The Federal Reserve banks are private entities, owned and operated by their members, to which they provide service.

    2. Re: Why isn't he in jail? by Anonymous Coward · · Score: 0

      Except the Board of Governors for the Federal Reserve System is a Federal Agency. The 12 regional banks aka The Federal Reserve Banks are private, yes, but they do report to the Board of Governors.

      So AC is correct, he should be facing federal charges

  14. This has to be going on at a crazy level by Anonymous Coward · · Score: 1

    in small businesses and even medium sized enterprises where a small number of admins are gods (no regular outside audits) or security is weak to non-existent. I wouldn't be shocked if billion in electricity was being siphoned off like this illegally annually.

  15. Re:I wonder how such fool had admin rights to anyt by Anonymous Coward · · Score: 0

    The only reason he probably got caught is one of:

    1) An IDS that said, "this looks weird, this server has a few hundred connections open. Admin, please look further into this!"

    2) Someone inspecting processes on the server and being like, "bitcoin.exe?? What's that?"

  16. Need more hammers by Anonymous Coward · · Score: 0

    This guy is not the first and will not be the last "cowboy". I have been in a meeting where a leader in the organization revealed that his staff connected from home into a government network. He laughed, put his finger to his lips to tell those in the room to be quiet about it.

  17. Re:I wonder how such fool had admin rights to anyt by R3d+M3rcury · · Score: 1

    He was a Communications Analyst, so I'm not at all surprised that he had access to the servers. But, again, while the eeeevil hacker getting access to your computer(s) is the thing that makes the news, most problems occur because some employee, disgruntled or not, pulls something like this simply because they can.

  18. Re:I wonder how such fool had admin rights to anyt by Anonymous Coward · · Score: 0

    If Fed IT security is worth more than a handful of candies, a normal user shouldn't even be able to log in on a server. Accessing it from inside would be bad enough but it was from outside of all places (according to TFA).

    If anything it shows that Fed has (or had) no change approval workflow to speak of and servers are (were) just glorified desktops inside a datacenter.

  19. Buzz off with your pseudo-money by Doloresanto · · Score: 2

    Is there anyone who would seriously buy those bullshit bitsy shekels?

    1. Re:Buzz off with your pseudo-money by pla · · Score: 1

      Those "bullshit bitsy shekels" have a market cap over USD$15B, which would put it at roughly the 96th largest company listed on the NASDAQ if it were a company. So I'd have to say that yeah, a whole hell of a lot of people would seriously buy those bullshit bitsy shekels.

    2. Re:Buzz off with your pseudo-money by amacide · · Score: 1

      Those "bullshit bitsy shekels" have a market cap over USD$15B

      Enron ~2001... Real assets valued around USD$63B.

      So I'd have to say that yeah, a whole hell of a lot of people would seriously buy those bullshit bitsy shekels.

      Well, as that old saying goes... ;-)

    3. Re:Buzz off with your pseudo-money by apoc.famine · · Score: 1

      Sure. I've bought some bitcoin. Nothing more than I can afford to lose, however. $20 worth every year or two. I send fractions to folks on the internet, couple bucks at a time. I find it worth $20 every year to know that I can send random people around the world $1-$5 on a whim. I occasionally Reddit, and they've got ChangeTipBot and DodgeBot, where you can automagically send a couple bucks to someone. I've tossed out a few "bullshit bitsy shekels" for great posts and useful information.
       
      I'm well aware of the limitations of bitcoin, so I use it responsibly. Not everyone does, but millions of people around the world with $20 to burn adds up really quickly.

      --
      Velociraptor = Distiraptor / Timeraptor
  20. Breaking Even??? by IonOtter · · Score: 1, Interesting

    Today's current exchange rate is 5.41 coins for $5000.00.

    The article doesn't say how long he had the system running. But if it had any serious processing power, and he got 1 coin per month for six months? That's breaking even.

    If he managed to do it longer than six months, then that's a profit, especially since he didn't tie up too much time in court trying to plead not guilty.

    I would say, "Not bad!", but we don't know how long he was running the software. And he's not likely to say, either.

    --
    [End Of Line]
    1. Re:Breaking Even??? by Stan92057 · · Score: 1

      Well, since he wasn't paying the bills to run/use the hardware it's all pure profit. 1 coin would have earned him 100% pure profit.

      --
      Jack of all trades,master of none
    2. Re:Breaking Even??? by gatfirls · · Score: 1

      If you take a longer view on the "profit" made. What's the difference in pay between a Network Communications Analyst at the Federal Reserve and a fry cook at the local hole in the wall cafe?

    3. Re:Breaking Even??? by Anonymous Coward · · Score: 0

      He had a 5k fine ;)

    4. Re:Breaking Even??? by DontBeAMoran · · Score: 1

      And if he has been mining since May 2010 or so, a $5000 fine is nothing. Heck, even a 5 million fine would be a joke to him.

      --
      #DeleteFacebook
    5. Re:Breaking Even??? by mmell · · Score: 0

      Um . . . if his cost was zero (government servers, government electricity) then I don't think 100% profit is quite accurate. 100% of zero is zero, last time I checked. I think what you meant was 100% of which was profit.

      Of course, under Trump there may be an alternative truth I haven't been made aware of, but until it's confirmed on Twitter or breitbart.com I'm going to assume what I was taught in school still holds.

    6. Re:Breaking Even??? by mhotchin · · Score: 1

      Profit = (Gross Income - Expenses) / Gross Income.

      Expenses = 0 means 100% profit.

    7. Re: Breaking Even??? by Anonymous Coward · · Score: 0

      Um . . . if his cost was zero (government servers, government electricity) then I don't think 100% profit is quite accurate.

      The 'Fed' we are talking about here isn't what you think it is.

      There are no government servers, or government electricity used at the Fed.

    8. Re:Breaking Even??? by crtreece · · Score: 2

      Well, you would need an internet full of datacenters running CPU miners to make 1 BTC/month. A datacenter full of GPU miners might have generated some BTC, but still not in the 1/month range. To turn 1 BTC/m, you'd need to generate around 14 TERAhash/second. An AMD 5870 GPU can do about 4 GIGAhash/sec and a Core i7 3930k can do about 66 MEGAhash/sec. Playing with the profit calculator from the first link shows a single GPU with no cost for hardware or electricity is going to generate about $0.07/month. The CPU miner will generate about $0.001196, which rounds up to a little over 1/10 of 1 cent.

      The article states "the server", implying there was only 1. I'd be surprised if the guy actually mined anything, and I don't see any way he made enough to cover the fine. That doesn't even take into account lawyers' fees and diminished career opportunities.

      --
      file: .signature not found
  21. "It wasn't me" - also sung in TFA movie by Anonymous Coward · · Score: 0

    The "Shaggy defense" https://en.m.wikipedia.org/wiki/It_Wasn't_Me.

    Bonus geek factoid I just learned: Huttese version of the song was played in The Force Awakens. Maybe Abrams *was* trolling us...

  22. No data lost - the report claims by Bruce66423 · · Score: 1

    Let's try that again shall we?

    1) They haven't found any evidence of data being lost

    2) They lost a lot of data but prefer not to admit it....

    Absence of evidence is not evidence of absence!

  23. I find this Heartening by Anonymous Coward · · Score: 0

    A reasonable punishment for a digital crime.

  24. Unless your last name is Clinton by Anonymous Coward · · Score: 0

    You don't get to do that.

  25. Underpaid Staff by Anonymous Coward · · Score: 0

    This isn't just any bank it's the federal reserve. Do they not pay their staff enough to make this sort of thing a deterrence in itself? Apparently not. What was the risk of $5K vs his salary. Risk far outweighed the reward no matter how you look at it. Brings up an interesting thought about the culture there if he thought he'd get away with it...

  26. Now the question is: by LordHighExecutioner · · Score: 1

    can he pay the fine with bitcoins ?!?

  27. 5000 fine.... pffff by Anonymous Coward · · Score: 0

    Don't all Americans owe the federal reserve several 10's of thousands now? We gotta have those trillion dollar F-35 fighter jets... better "print" up some more electronic money and send another I-owe-you to the Fed.

  28. Eventually fired?! by martinfb · · Score: 1

    How does this work?
    Was the employee first fined, then put on probation, then eventually fired?!
    Is the employee fired after the 12 months probation?!

    Did the (sentencing) entity change their minds on this?

    --
    Self-importance and self-indulgence is the root of ALL evil.