Terry Childs Case (SF City Network Engineer convicted of hacking) and ICS

    July 14, 2011
    I had a an opportunity to hear the San Francisco Assistant District Attorney (ADA) that prosecuted the Terry Childs case, Conrad Del Rosario, present a summary. For those that are unaware, Terry Childs was the lead engineer (not network administrator) of the City of San Francisco’s FiberWAN. He was convicted of withholding access to the WAN and sentenced to 4 years in prison. 
    There were a number of issues that were of direct relevance to the ICS community:
    - Terry Childs installed many modems that no one else knew about.
    I had a an opportunity to hear the San Francisco Assistant District Attorney (ADA) that prosecuted the Terry Childs case, Conrad Del Rosario, present a summary. For those that are unaware, Terry Childs was the lead engineer (not network administrator) of the City of San Francisco’s FiberWAN. He was convicted of withholding access to the WAN and sentenced to 4 years in prison. 
    There were a number of issues that were of direct relevance to the ICS community:
    - Terry Childs installed many modems that no one else knew about.  This describes far too many industrial facilities today.
    - Lack of adequate configuration management/configuration control was a major issue just as in many industrial control system applications.
    - A major part of trial dealt with the term “denial of service” because of the IT definition of denial of service. In this case, not all data was withheld, but access was withheld from the “superusers”. It is questionable how “loss of control” or “loss of view” would be viewed in a court setting. 
    - The investigators and the technology department personnel never mentioned, and perhaps did not realize, that the water treatment facilities were also connected by the water system organization. If the DA would have known about that interconnection, they could have argued the greater impact Childs’ actions could have really caused, further justifying the higher bail and possibly stronger punishment. This is a similar situation to the Hatch Nuclear plant shutdown where IT and Operations did not know their systems were interconnected.
    - Evidence collection was a problem.  However, in the Childs' case it was not because they couldn’t take all necessary evidence away.  In the case of ICSs, there may be systems that cannot be taken away without impacting startup or operation. There needs to be further thoughts by the law enforcement community about this subject which is the reason for the proposed panel at the September ACS Conference.
    I am hoping to have ADA Del Rosario present a summary of the Childs case at the September Conference.
    Joe Weiss

    Continue Reading

    Sponsored Recommendations

    Municipalities are utilizing inline total solids measurements to enhance sludge thickening, lower polymer usage and cut operational expenses.
    Carbon dioxide is increasingly recognized as a vital resource with significant economic potential. While the conversion of carbon dioxide into products is still in its infancy...
    Discover our wide range of temperature transmitters that convert sensor signals from RTDs and thermocouples into stable and standardized output signals!
    An innovative amine absorption-based carbon capture process enables retrofitting of existing industrial facilities to reduce emissions in hard-to-abate sectors, with advanced ...

    Latest from Home

    Four interlocking hands
    Source: JJC
    Joliet Junior College and ISA’s Will-DuPage chapter recently assisted the Polished Pebbles program at Shoop Academy in Chicago with its Pink Hard Hat project to introduce African American and Latina girls to skilled trades, construction and manufacturing, including process automation and JJC’s Process Control Instrumentation Technology program. The project started with JJC hosting 25 students at an automation lab, career panel and networking event.
    The name of the computer virus Stuxnet in front of a binary background

    Most Read

    Sponsored