Feeds

Employee fired for probing bad guys awarded $4.7m

Termination was 'malicious, willful, reckless, wanton'

Eight steps to building an HP BladeSystem

A jury has awarded a former security analyst for Sandia National Laboratories $4.7m after he was fired for conducting his own investigation into computer attacks and taking his findings to authorities of a separate agency.

The judgment was more than twice the amount sought by Shawn Carpenter, who was dismissed by Sandia in January, 2005, according to FCW.com and other news outlets. The jury said the termination was "malicious, willful, reckless, wanton, fraudulent or in bad faith."

Carpenter initiated his investigation after detecting attacks on Sandia's network that originated from China, Romania, Italy and other countries and have come to be known as Titan Rain. After learning that similar attacks had been unleashed on Army bases and US contractors, Carpenter asked his superiors for permission to reverse-engineer the hacks so he could track down the perpetrators. His request was denied.

But Carpenter investigated them anyway, partly at the request of the FBI. When Sandia officials caught wind of the unsanctioned probe, Carpenter was fired.

A spokesman told us Sandia officials are disappointed and are considering whether to appeal. But he declined our request to discuss, even in the most general terms, their policies relating to the investigation of attacks that target their networks.

The episode underscores the morass confronting those trying to secure some of the world's most sensitive networks. Limited resources and bureaucratic rivalries have long been a challenge in reining in organized crime and espionage, and the growing wave of ever more sophisticated computer-generated rackets is making matters worse.

Notwithstanding some high-profile convictions against botnet ringleaders and other cybercrooks, much of the enforcement these days comes from self-appointed take-down groups such as PIRT (Phishing Incident Reporting and Termination), manned by individuals who donate their time and resources to help eliminate online menaces.

Philip Davis, an attorney who represented Carpenter, told PCWorld the verdict was a "vindication of his decision to do the right thing and turn over the information he obtained to the proper federal authorities in the interests of national security". ®

Maximizing your infrastructure through virtualization

More from The Register

next story
Airbus promises Wi-Fi – yay – and 3D movies (meh) in new A330
If the person in front reclines their seat, this could get interesting
UK Parliament rubber-stamps EMERGENCY data grab 'n' keep bill
Just 49 MPs oppose Drip's rushed timetable
Want to beat Verizon's slow Netflix? Get a VPN
Exec finds stream speed climbs when smuggled out
Samsung threatens to cut ties with supplier over child labour allegations
Vows to uphold 'zero tolerance' policy on underage workers
Dude, you're getting a Dell – with BITCOIN: IT giant slurps cryptocash
1. Buy PC with Bitcoin. 2. Mine more coins. 3. Goto step 1
US freemium mobile network eyes up Europe
FreedomPop touts 'free' calls, texts and data
Big Blue Apple: IBM to sell iPads, iPhones to enterprises
iOS/2 gear loaded with apps for big biz ... uh oh BlackBerry
Price cuts, new features coming for Office 365 small biz customers
New plans for companies with up to 300 staff to launch in fall
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Mobile application security vulnerability report
The alarming realities regarding the sheer number of applications vulnerable to attack, and the most common and easily addressable vulnerability errors.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.