IT Admin Trashes Railroad Company's Network Before He Leaves (bleepingcomputer.com)

← Back to Stories (view on slashdot.org)

IT Admin Trashes Railroad Company's Network Before He Leaves (bleepingcomputer.com)

Posted by msmash on Friday October 13, 2017 @08:00AM from the stranger-things dept.

Catalin Cimpanu, writing for BleepingComputer: A federal jury in Minneapolis, Minnesota found a local man guilty of intentionally damaging his former employer's network before leaving the company. The man's name is Christopher Victor Grupe, 46, and from September 2013 until December 2015 he worked as an IT professional for the Canadian Pacific Railway (CPR), a transcontinental railroad based in Alberta, Canada. Things went sideways in December 2015 when CPR suspended Grupe for 12 days for yelling and using inadequate language with his boss. When the man returned to work following his suspension on December 15, management told Grupe they were going to fire him for insubordination. According to court documents obtained by Bleeping Computer, Grupe asked management to resign, effective immediately. He promised to come back the following days and return company property such as his laptop, remote access device, and access badges. He did return the items, as promised, but not before taking the laptop for a last spin inside CPR's network. Court documents show Grupe accessed the company's switches and removed admin accounts, changed passwords for other admin accounts, and deleted log files. When done, Grupe wiped his laptop and returned it to CPR's Minnesota office on December 17, two days after he resigned.

24 of 212 comments (clear)

Min score:

Reason:

Sort:

What an Idiotic Company by Anonymous Coward · 2017-10-13 08:03 · Score: 4, Insightful

Why do you leave somsone's access privileges in place when you're in the middle of firing them?
IMHO, they deserved what they got.
And this is why you disable accesss..... by Drakonblayde · 2017-10-13 08:03 · Score: 5, Insightful

*before* you tell someone you're going to fire them.
1. Re:And this is why you disable accesss..... by Anonymous Coward · 2017-10-13 08:13 · Score: 5, Informative
  
  That assumes competent people, in HR as well as in IT. Competent people cost money, "management" does not want to spend money, obviously, if "management" tells an admin with full network access, they are going to fire him...
2. Re: And this is why you disable accesss..... by JohnFen · 2017-10-13 08:22 · Score: 5, Interesting
  
  This may be problematic if you're going to fire the very person that would be performing said actions.
  Who has only one person that has admin access to their systems?? What if that person gets hit by a car or quits without notice or something? Shit happen, after all.
  That's as insane as telling someone they're being let go before you remove their credentials.
3. Re: And this is why you disable accesss..... by K.+S.+Kyosuke · 2017-10-13 08:24 · Score: 3, Insightful
  
  It's almost as if they were incompetent in general...
  
  --
  Ezekiel 23:20
4. Re: And this is why you disable accesss..... by Chris+Mattern · 2017-10-13 08:25 · Score: 3, Insightful
  
  This may be problematic if you're going to fire the very person that would be performing said actions
  If you've only got one person who can do this, then you already have a very large problem.
5. Re: And this is why you disable accesss..... by jordanjay29 · 2017-10-13 08:32 · Score: 4, Insightful
  
  Or if fellow IT members don't agree with firing them. Or they give fired employee a heads up before the meeting. "Hey Chris, they just asked me to remove your access, something's up."
  
  You basically need the IT head (who, if they can't be objective, can at least be counted on to be professional) in HR's office or on the phone before the fired employee leaves the room and make sure it's done.
6. Re: And this is why you disable accesss..... by decep · 2017-10-13 09:10 · Score: 5, Funny
  
  What if that person gets hit by a car
  Or a train...
7. Re:And this is why you disable accesss..... by Snotnose · 2017-10-13 11:29 · Score: 4, Interesting
  
  *before* you tell someone you're going to fire them.
  CSB. One morning some 20 years ago I was in the sysadmin's office talking to him when some guy popped his head in and said he couldn't log in. Sysadmin said "damn, that wasn't supposed to happen until next week".
  
  Sure enough, next week there was a layoff and the guy who couldn't log in was one of the head reductees.
Well... did they? by rfengineer · 2017-10-13 08:04 · Score: 5, Funny

"According to court documents obtained by Bleeping Computer, Grupe asked management to resign..." What was management's answer when asked to resign? Did they?
1. Re:Well... did they? by freeze128 · 2017-10-13 08:22 · Score: 4, Funny
  
  I had no idea I could just ask management to resign. I'm totally going to do that from now on.
2. Re:Well... did they? by Rei · 2017-10-13 08:38 · Score: 5, Funny
  
  Employee: "I've been working project you assigned me last but I don't have enough to get it done."
  Boss: "Excuse me?"
  Employee: "Do you not want me to the project or should I instead?"
  Boss: "... Can you please use adequate language when speaking with me?"
  Employee: "Go yourself."
  
  --
  I'll BUILD someone to replace you. Some kind of gamma-powered monster, with a heart as black as coal!
Huh? by msauve · 2017-10-13 08:06 · Score: 3, Informative

"...using inadequate language..."

ITYM "inappropriate."

--
"National Security is the chief cause of national insecurity." - Celine's First Law
And programmer [Re:What an Idiotic Company] by XXongo · 2017-10-13 08:06 · Score: 4, Insightful

And what an idiotic IT professional! You'd think he'd have enough sense to not leave his fingerprints all over the sabotage.
IMHO, they deserved what they got.
1. Re:And programmer [Re:What an Idiotic Company] by ShanghaiBill · 2017-10-13 08:42 · Score: 4, Insightful
  
  Anyone who plans to sabotage anything like this on the way out the door deserves everything that comes to them
  Sure, the sabotage was criminal and wrong. But leaving access enabled was still stupid, especially when they knew this guy was irrational and had anger issues.
  Burglars should go to jail, but I still lock my front door.
inadequate language [Re:Huh?] by XXongo · 2017-10-13 08:10 · Score: 4, Funny

"...using inadequate language..."
I never realized it before now, but I have exactly that problem, inadequate language to deal with my boss
Busted by the logging buffer... by Drakonblayde · 2017-10-13 08:11 · Score: 3, Informative

So reading through the article, it looks like he was smart enough to get rid of the records of his access on the logging servers, but got caught because he forgot to clear the logging buffers on the network gear.
Hope it was worth it!
Stupidest managers ever by argStyopa · 2017-10-13 08:12 · Score: 5, Insightful

"We've found you SO insubordinate that we have to FIRE you from the company. But yes, we trust you Mr NetAdmin, to take your company laptop home with you."
Jesus. He's in trouble, but I hope for humanity's sake THEY didn't reproduce.

--
-Styopa
1. Re:Stupidest managers ever by barc0001 · 2017-10-13 09:18 · Score: 3, Insightful
  
  As a Canadian who is familiar with various aspects of CP Rail, yeah, they are *that* stupid. The only reason they're profitable is inertia and little competition other than CN, who also has similar intelligence problems.
IT Professional ?? by nomad63 · 2017-10-13 08:16 · Score: 3, Interesting

Really ? They call him a "Professional" ? On what basis ? Professionals do not scream at other people and use profanity, let alone to their bosses. And when professionals understand that their services are not wanted, they just leave quietly unless their opinions are explicitly wanted, at which point they can criticize their superiors skills or lack there of, using a proper language. Trashing an ex-employer's equipment is childish at best. Far from being a professional. Regarless how bad your management may be. Definitely in the list of "Absolute no-no's" of a professional.

--

__________
The more I know people, the more I love animals
inadequate language? by fahrbot-bot · 2017-10-13 08:19 · Score: 4, Funny

... suspended Grupe for 12 days for yelling and using inadequate language with his boss.
So, he wasn't rude enough?

--
It must have been something you assimilated. . . .
Re:Not guilty by deviated_prevert · 2017-10-13 09:07 · Score: 3, Funny

Why, because of his exemplary professional behavior? Also, who would be insane enough to hire him now?
Equifax Argentina division, he would most likely do a bang up job securing their servers. At least he knows how to effectively lock down and change admin passwords in a Windows server setup which is a skill that seems to elude Equifax IT specialists.

--
This message was not sent from an iPhone because Peter Sellers really was a deviated prevert without a dime for the call
NEVER burn your bridges by Fencepost · 2017-10-13 10:02 · Score: 3

Aside from the things the company did wrong (and firing network admins is always difficult), the real stupid move in this story is the sabotage.

This guy will likely never get hired as an IT staffer again. Sure the company was going to fire him, but in the modern world of "All we can confirm is that he was employed here from X to Y" his reason for departure was going to be an interview question, not something that was going to come up in reference checks. Now even ignoring that searching for his name is going to bring this up, he can't network for jobs with anyone he worked with, anyone who know those folks, and probably out to the second degree.

I guess that's one way to make sure you follow through on your dreams of a career change.

--
fencepost
just a little off
Re: This is why we'll never be taken seriously by Reverend+Green · 2017-10-13 10:38 · Score: 3, Insightful

If doctors were treated as badly as IT, a lot more people with be afraid to go to the hospital.