Server sabotage plot backfires on sys admin

Bridget Botelho has an interesting post on the DataCenter.com ServerSpecs blog about a recent story from Reuters covering a sys admin sentenced to 30 months in prison after his plot to wipe out his pharmacy benefit management company’s servers with a logic bomb — out of fear he was about to lose his job.

Network managers spend a lot of time protecting the network from common insider user threats such as sharing sensitive data over P2P or careless use of public wireless networks… (see Five common insider threats and how to mitigate them as an example). But who protects the network from trusted IT pros who do something irresponsible or intentionally harmful?

I don’t like it (but find it fascinating) when geeks perpetuate negative stereotypes about geeks — for example, the story of Hans Reiser, the Linux visionary accused of murdering his wife. In Reiser’s case, he didn’t use technology as his weapon, he used it as his defense: The “geek defense,” or “I’m a geek; I’m socially inept, but that doesn’t make me a murderer.”

I once knew a boy who hacked into a library’s computer network through a public terminal (this was back in the green text-on-a-black screen days) just to impress a girl. He sent all the terminals in the library into some kind of diagnostic that would tie them up for hours, and the girl was not amused. His reasoning seemed to be that if he was smart enough to do that and the library staff was dumb enough not to prevent him, then they deserved what they got.

I suspect that boy’s attitude was shared by the logic bombing sys admin, and tends to be common among disgruntled computer geeks everywhere. And it is probably perpetuated every day by the kinds of non-IT co-workers who say things like, “I don’t care how it works, just fix it.” So maybe the moral of the story is: Be nice to your IT guy, because you never know if he’s an evil genius with a chip on his shoulder (or a misguided impulse to impress a girl).