by Thomas Wailgum

When Rogue IT Staffers Attack: 8 Organizations That Got Burned

Aug 04, 20094 mins
IT LeadershipIT StrategySecurity

Many call them rogue IT staffers, others might consider them IT heroes, and some are still innocent until proven guilty. But whatever the name or intention, these tech-savvy employees wreaked havoc at their organizations - and paid a price.

Passwords? What Passwords?

In 2008, network admin Terry Childs (on right) brought the City of San Francisco to its knees, resetting admin passwords to routers and switches on the city’s FibreWAN network and then declining to hand over those passwords. The result? A locked down network and a frazzled Department of Telecommunications and Information Services in the city by the Bay. Childs was forced to trade in his office attire for the orange jumpsuits of the California penal system.

Mon Dieu, Jerome!


Jerome Kerviel became one of history’s most loathed Frenchmen (right up there with Napoleon Bonaparte, Maximilien Robespierre and race-car driver Jean Girard in Talladega Nights) when the rogue trader and IT pro used his tech skills to subvert Societe Generale’s systemwide safeguards and security controls. Kerviel’s exploits (which led to $7.2 billion in losses for one of France’s largest banks) as well as his ever-present mug shot became intertwined with the disgraces of the financial services industry and the fall of the global economy. Once out of jail, Kerviel began working at a computer security and systems development firm.

Dissing a National Hero


After a series of hacks on Sandia National Laboratories’ network in 2004, Shawn Carpenter, a network security analyst, launched his own investigation, linked the attacks to a Chinese group and discovered that U.S. government documents had been stolen. Carpenter shared this with the U.S. Army and FBI. In response, Sandia fired Carpenter in 2005 for “inappropriate use of confidential information.” But in 2007, a jury awarded Carpenter $4.7 million in his wrongful termination suit and in the process transformed him from a rogue IT worker into a national hero.

The World’s Largest Retailing Spy?


In 2007, Wal-Mart officials disclosed that during a four-month period in 2006 one of its systems technicians, Bruce Gabbard, had monitored and recorded telephone conversations between Wal-Mart public relations staffers and a New York Times reporter. “These recordings were not authorized by the company and were in direct violation of the established operational policy that forbids such activity without prior written approval from the legal department,” Wal-Mart said in a statement. Gabbard, who was fired, claimed in a Wall Street Journal interview that his “spying activities were sanctioned by superiors.” Gabbard today is owner of Forensic Survey, a computer investigations service.

The Case of the Golden Code


News broke in July that Sergey Aleynikov, a former high-level programmer at Goldman Sachs, had allegedly tried to steal code that allowed the bank to “engage in sophisticated high-speed and high-volume trades on various stock and commodities markets,” according to news reports. Debate over just how much the code is actually worth rages on, as Aleynikov, who has pleaded not guilty and is out on bail, awaits his day in court.

To Catch a Spy


The FBI’s Robert Hanssen became an “IT guy” at the latter part of his 25-year career, when the FBI suspected his espionage activities with the Soviet Union and, later, Russia. Hanssen became a supervisor of computer security, and it was ultimately his Palm PDA, where he stored classified documents, that allowed FBI agents to catch him. Like other IT people who go rouge, the FBI said this about Hanssen: “The trusted insider betrayed his trust without detection.” Hanssen is now in jail, serving his sentence: life in prison without parole.

Beware the Server Bomb!


In January 2009, Unix engineer and IT contractor Rajendrasinh Makwana was indicted in U.S. federal court for allegedly planting a “server bomb” on Fannie Mae’s servers. Makwana, who had been a temporary contract worker at the mortgage giant, was charged with embedding a malicious script in fall 2008. The script was to go off on Jan. 31, 2009 and “would have disabled monitoring alerts and all log-ins, deleted the root passwords to the approximately 4,000 Fannie Mae servers, then erased all data and backup data on those servers by overwriting with zeros,” causing millions of dollars in damage, according to a Computerworld article. By chance, a Fannie Mae employee discovered the malicious script before it went off. Makwana has been released on $100,000 bond and is awaiting trial.

‘Just Doing My Job’


Starting in 2003, an IT executive at Morgan Stanley named Arthur Riel began monitoring MS executives’ e-mail and found what he considered dubious business ethics, potential conflicts of interest and sexual banter within Morgan Stanley’s executive ranks that ran contrary to the bank’s code of conduct. Riel claimed he was just doing his job. Morgan Stanley execs thought different: They dismissed him from his $500,000-a-year-job and a lawsuit ensued—with Morgan Stanley being vindicated in the end. Riel went on work at an e-mail security company.