San Francisco is being forced to overhaul security measures on the computer network that controls data for its police, courts, jails, payroll and health services, as well as other crucial information, after the technology administrator entrusted with the system blocked access for everyone but himself last month and for days refused to reveal the password, even from jail.
Terry Childs, 43, was arrested July 13 at his suburban home, where police found $10,000 in cash, diagrams of the city-county computer network, a co-worker's access card, a loaded 9mm magazine and several loose .45-caliber rounds. Under the user name Maggot617, he hijacked the system and refused to turn over passwords for the network, which superiors belatedly discovered only he controlled. The standoff ended July 21 when Childs relinquished the passwords to Mayor Gavin Newsom in his jail cell.
"I don't want to make it sound hopeless," but "when I go around and give talks, it seems like people don't really understand their risk of being the victim of insider sabotage," said Dawn Cappelli, a specialist in insider threats with CERT, the Carnegie Mellon Software Engineering Institute's Computer Emergency Response Team, which studies security vulnerabilities.
"If you have IT, then it can happen to you."
Childs faces four felony counts of computer network tampering and one penal-code violation for causing losses in excess of $200,000. He has pleaded not guilty but remains in custody in lieu of $5 million bail.
The ordeal has spurred the city's IT department to bolster network oversight and to consider hiring outside auditors to monitor a security upgrade. City officials also will review all access to its FiberWAN network, the hub through which payroll, e-mail and criminal files flow.
It has also persuaded other cities to scrutinize their own systems.
"When these things happen, it forces us to focus on it," said Janis Benton, deputy director of Houston's IT department. "I'm sure we're all looking at this in disbelief. And everybody is going to go back and visit their layers of security."
Such insider threats are a familiar story in the business world, but not so - at least not publicly -- among local governments. But the scale of San Francisco's cyber-standoff has gained the notice of big-city IT administrators and computer experts, who scratch their heads at how it could have happened.
"It's rare to have a shutdown of this magnitude in a big city," said Edward W. Felten, director of the Center for Information Technology Policy at Princeton University. "This is the type of failure that would only be caused by a major problem - a major disaster or something like it."
Though all IT departments are vulnerable to attacks from within, most focus on outside threats, Cappelli said. But they should, she said, because in some case, the consequences can be life-threatening.
One city, which she declined to name, faced such a problem when a contract IT administrator altered its 911 system, hoping that fixing it would bring him notice. Consequently, the system that filtered the emergency calls no longer provided dispatchers the caller's address. Cappelli said: "He wanted to look like a hero, but unfortunately he was arrested."
Childs compromised more than 1,100 devices and created unauthorized network doorways, allowing him unfettered and undetectable access. He collected pages of user names and passwords, including his supervisor's, to use their network log-ons. And he downloaded thousands of gigabytes of city data - possibly privileged information, such as police reports and e-mails - to a personal encrypted storage device. Experts still aren't sure what data the device contains. |
