It might be the ultimate insider-threat scenario. The Internet is full of stories from San Francisco where a computer network administrator has gone bad. As of Tuesday night, Terry Childs was sitting in a city jail and not handing over the computers passwords required to properly administer city networks. If this situation wasn't so serious, I'd be tempted to think this was a movie promo.
The San Francisco Chronicle ran a series of stories on the situation from an initial description of what happened yesterday to another late Tuesday update on the situation. He's an excerpt from the first article:
"Prosecutors say Childs, who works in the Department of Technology at a base salary of just over $126,000, tampered with the city's new FiberWAN (Wide Area Network), where records such as officials' e-mails, city payroll files, confidential law enforcement documents and jail inmates' bookings are stored.
Childs created a password that granted him exclusive access to the system, authorities said. He initially gave pass codes to police, but they didn't work. When pressed, Childs refused to divulge the real code even when threatened with arrest, they said."
SC Magazine was one of many technology sources online that analyzed the situation yesterday. "The systems affected continue to work, though with only limited or no access." They pointed out how most of us grant access based upon staff trust.
This situation is a harsh reminder to each of us that separation of duties is not just an audit requirement - but an essential operational process for every IT organization.
The city should get him back by submitting his email address to a bunch of spam lists. Wonder what he will do in prison without internet access...