Slashdot Mirror

← Back to Stories (view on slashdot.org)

Rogue System Administrator Faces 10 Years In Prison For Shutting Down Servers, Deleting Core Files On the Day He Was Fired (techspot.com)

Posted by BeauHD on from the bad-day dept.

Joe Venzor, a former employee at boot manufacturer Lucchese, had a near total meltdown after he got fired from his IT system administrator position. According to TechSpot, he shut down the company's email and application servers and deleted the core system files. Venzor now faces up to 10 years in prison and a $250,000 fine. From the report: Venzor was let go from his position at the company's help desk and immediately turned volatile. He left the building at 10:30AM and by 11:30, the company's email and application servers had been shut down. Because of this, all activities ground to a halt at the factory and employees had to be sent home. When the remaining IT staff tried to restart them, they discovered the core system files had been deleted and their account permissions had been demoted. Eventually the company was forced to hire a contractor to clean up all of the damage, but this resulted in weeks of backlog and lost orders. While recovering from the attack was difficult, finding out who did it was simple. Venzor was clearly the prime suspect given the timing of the incident, so they checked his account history. They discovered he had collected usernames and passwords of his IT colleagues, created a backdoor account disguised as an office printer, and used that account from his official work computer.

15 of 237 comments (clear)

  1. At a boot manufacturing facility? by xevioso · · Score: 5, Funny

    I guess he did not like getting the boot.

    1. Re:At a boot manufacturing facility? by K.+S.+Kyosuke · · Score: 3, Funny

      When the remaining IT staff tried to restart them, they discovered the core system files had been deleted and their account permissions had been demoted.

      I don't understand what kind of boot manufacturing facility cannot boot their servers. Surely not one that I would buy my boots from!

      --
      Ezekiel 23:20
  2. Disguised as an office printer by PPH · · Score: 5, Funny

    It all happened so fast, officer. He ran that way. He was short, beige and had a tattoo that said Lexmark.

    --
    Have gnu, will travel.
  3. Re:this is why you need two factor auth by MichaelSmith · · Score: 3, Insightful

    An admin can still override authentication. Whats needs is to bring the new admin in before you sack the old one. He removes admin privileges from the guy being sacked. That, or isolate the system from the outside world for a while but in this day and age that may be impossible from a business perspective.

    --
    http://michaelsmith.id.au
  4. I don't quite get it by 93+Escort+Wagon · · Score: 5, Informative

    Are we supposed to be outraged or something? It sure sounds like the guy deserved to be fired - and, based on the actions he took after being fired, he deserves prison time and a significant financial penalty.

    --
    #DeleteChrome
  5. I always delete core files by ooloorie · · Score: 4, Funny

    They are a bloody nuisance and just take up disk space.

  6. Sloppy. by Gravis+Zero · · Score: 5, Informative

    Come on, people, if you are going to get revenge on the company that canned you, you're supposed to set up a daemon on day one that checks to see if you have logged in the last month and then begins corrupting backups as they are made for the next 5 months, at which time it will execute a total system meltdown that results in total data loss! I swear, you youngin's know nothin' about properly destroying the lives of those who have wronged you! ;)

    --
    Anons need not reply. Questions end with a question mark.
    1. Re:Sloppy. by onepoint · · Score: 4, Interesting

      And while I know you are sarcastic, it's people that think in this manner that ruin people's lives for years. I Almost lost my company if it was not for my backup policy. I would do back-ups monthly myself on Saturday morning and retrieve the cassettes Sunday afternoon, take them home and store. an employee that I fired for doing something real bad did a time bomb on the payroll system and sent a system-wide delete. well long story short, 3 days of employee's working part time with note pads I got a basic restore done, then one system at a time did re-installs ... 2 weeks later we were back in business.

      to this day I keep backup's of data, spare computer laptops just in case, and 1 month payroll and 1 month of expenses LOL never again I hope

      if the business would have failed, it would have cost 38 people's employment and my business ruined.

      safe to say, that I never let only 1 person handle backing up the systems ever

      --
      if you see me, smile and say hello.
  7. Re:this is why you need two factor auth by Zontar+The+Mindless · · Score: 3, Insightful

    You're spelling it g-o-o-d but pronouncing it "evil and incompetent".

    It's not your system--it's your employer's. If you feel that you have to make yourself "indispensable" in such a fashion, you're doing it wrong.

    --
    Il n'y a pas de Planet B.
  8. Re:this is why you need two factor auth by Anonymous Coward · · Score: 3, Insightful

    If you want to be vengeful, thank your former employer for the job on the way out the door and ask for a letter of reference. Then go get a similar job at another company at a higher wage knowing you would never have gotten such a raise at your former employer's.

  9. 10 years in prison? by Anonymous Coward · · Score: 4, Insightful

    Don't get me wrong, this guy certainly deserves punishment if guilty, but 10 years? Did any CEOs or politicians get 1 day of jail time for the 2008 financial crisis?

  10. Re:this is why you need two factor auth by dbIII · · Score: 4, Interesting

    That sort of canary happens by accident instead of design when systems grow "organically" with all kind of weird interdependancies, especially on very low budgets. I started work at a place like that once and my initial goal was to remove every little quirk that needed feeding every day so that I would be free to spend time at the beach every now and again.
    I seem to remember some years ago stories of suppose dead man switches and sabotage would come out when the reality was fragile systems carefully looked after by people who never got to train a replacement.

    This story is of course different - but ten years? Corporate crime with consequences of shutting down companies completely doesn't get ten years, serious embezzlement doesn't get ten years - why should this sort of corporate crime get ten years?

  11. Re:Remote access by MichaelSmith · · Score: 3, Interesting

    In a professional environment yes, but in some places the sysadmin would be most of the IT department, leaving nobody to shut down remote access. Many places these days rely on cloud services for B2B and retail. Shut down the internet and you stop the business. You could shut down remote VPN access but who is to say he hasn't got his own version of a daemon running somewhere?

    --
    http://michaelsmith.id.au
  12. Re:Help Desk?!? by dbIII · · Score: 4, Interesting

    a company that is dumb enough

    The answer is "small" not dumb. If there isn't a lot to do a single server can get the job done.
    If I was in that situation I'd want to keep the server hardware up to date and have a working older server ready to turn on when something goes wrong, but I don't see that a single server was the problem here.

  13. Re:this is why you need two factor auth by arth1 · · Score: 3, Interesting

    A good canary won't rely on the owner hand feeding it; but will accept food from authorized automatons.
    If the user's account is closed, the canary will no longer be fed by the golems, and will peck the neener button. But the user going on vacation or to hospital won't cause the account to be closed, and the golems continue feeding the canary.