Cyber Security isn’t just about terrorism

SAN Francisco authorities are still locked out of the city's official computer network four days after a disgruntled employee removed access for everyone but himself. Computer engineer Terry Childs, 43, is being held on $US5 million ($5.1 million) bail after refusing to hand over the password to San Francisco's FibreWAN system. The network handles up to 60 per cent of the city's government data such as emails, employee financial details, police documents and jail records. Childs was arrested earlier this week after deleting all accounts with access to the system but his own. The engineer worked in the San Francisco Department of Technology and earned up to $US127,000 a year but had recently been disciplined over poor performance, The San Francisco Chronicle reported. Childs, who has a previous criminal conviction for aggravated robbery, gave police a false password to the system and later refused to reveal the real one, the paper said.   It is unclear if Childs gave himself sole access to the system with malicious intent. In the past months Childs had become unusually protective of the FibreWAN system, which he helped to design and build, reports said. "He was very good at what he did, and sometimes that goes to people's heads... and we think that's what this is about," said San Francisco Mayor Gavin Newsom. The city has called in engineers from Cisco Systems to regain access to the network, but the process could take several weeks
Show Comments
Hide Comments

Join the discussion

We welcome your thoughtful comments.
All comments will display your user name.

Want to participate in the discussion?

Register for free

Log in for complete access.

Comments

  • <p>This points to the trust we place in giving someone the root passwords to an entire network such as this. Perhaps there is a way that we can divide up the passwords and authorities such that the network has two or three functional pieces which can function independently.</p> <p>Too many IT departments automatically seem to think that security means consolidation and centralized control. There are alternatives, but they involve more expense and distribution. These are things Control Systems Engineers are intimately familiar with (failure mode analysis and so forth) and may be able to help...</p>

    Reply

  • <p>Hi Joe &amp; Jake. If you read the article posted here. <a href="http://www.cio.com.au/index.php/id;1538994766">http://www.cio.com.au/index.php/id;1538994766</a></p> <p>I think this is probably the best one I have read and it sounds plausible and something I can definitely relate to as a situation.</p> <p>My story:</p> <p>I designed the radio network for my salt mine SCADA system and as a result of the organisation not wanting to pay for the design I retain the IP of the network - despite a number of people not being happy about the situation. I am openly still rather pinged off about my whole situation as to how I have been treated about it all.</p> <p>I can be called a disgruntled employee and I think rightly so. I don't think that my situation is unique and is probably more commonplace that what any manager or many of us will care to admit.</p> <p>I have been where this chap has in terms of situation - responsibility workload, being permanently on call- grossly taken advantage of by the way I think he has been treated - intentionally or otherwise by the city of SFO management etc.</p> <p>I have been reprimanded for several "performance issues" post uncovering my salt mine's hacking event and it still hurts me emotionally quite a LOT. But I manage and channel my "hurt" in a positive way and that is very important.</p> <p>My point in raising this is for us all to remember that we all need to be very careful as to how you handle and manage something like this when we are faced with it. Organisational culture issues are common in the industry. I talk about culture problems all the time.</p> <p>I believe this is a very important aspect of a lot of cyber incidents involving trusted insider events and we all should talk about this aspect more.</p> <p>DHS released a paper on Defense in Depth a while ago and it talked about the people side of the philosophy. If someone finds the paper pls send me a copy as it is excellent.</p> <p>When something like this happens to you is what you find separates us all. People all behave very differently when placed into survival mode and many crumble and will do ANYTHING to take someone else down so they can get off.</p> <p>How you put in place traceability of your actions is a very important to our career security.</p> <p>I have been accused of being angry and of being un-professional by people trying to "manage me" to try every dirty trick in the book so I will give away my IP for free. (Ain't going to happen) Most people know that I share knowledge and my experiences quite freely. I had the privilege of the best mentors and peers when I was growing up -some real leaders and I would like to think that this is what gets me thru these sorts of situations and is something we all should have and maintain throughout our career. Peers Mentors and seek out and interact with great leaders.</p> <p>As a result of my environment I allow the organisation to use the network design. I have documented the network and configurations and have shared and explained the network design with other people that support the system. Frankly not too many people really understand how it works in any case it is just so complex. Outside contractors have tried to reverse engineer and copy the design and most fail because most people working in the space don't understand RF. I openly talk about the situations so that I can cope and better understand and maintain a balanced perspective on it all.</p> <p>From a technical stance Jake I think you are correct as usual. I want to remind people of the need to look after each other and the people working on these systems are our greatest strength if we nurture each other correctly.</p>

    Reply

  • <p>This example like most trusted insider events I have reviewed or have knowledge of have a lot more human elements to it. I suspect this event is far more complex than the surface we are seeing permits.</p> <p>For us all we need to learn from this situation. I for one have been in a very similar situation and on more than one occasion. How we handle ourselves is very important as we all can potentially end up in his sort of situation as all the people involved manipulate and manage the situation.</p> <p>The questions I would like people to ask and investigate are related to human resourcing. Jake I think you are on the right track technically and with the Human aspects. It is a very important part of our Defense in Depth philosophy.</p> <p>Surrounding ourselves with the right mentors, peers and colleagues seeking out leaders (note not just managers) and interacting them all is very important. Learning to disconnect from the environment is very difficult for us technical people to do but very necessary. Learning when and how to give ownership to the people that should take responsibility for problems is very important as well. I think it is also very important that you have succession and contingency planning in place for effective operation of our systems.</p> <p>I think your comment of neglect in a broader context has a LOT of merit Jake.</p> <p> I have certainly been the brunt of a lot of organisational neglect at times. How we deal with and recognise it as technical people is something we need to learn about!</p>

    Reply

RSS feed for comments on this page | RSS feed for all comments