Feeds

The 10 baddest IT pros

BOFHs who got caught

  • alert
  • submit to reddit

The Power of One Brief: Top reasons to choose HP BladeSystem

In 2008 a survey of 300 sysadmins by Cyber-Ark grabbed a lot of press coverage when a whopping 88 per cent of respondents said they would steal company information if fired.

BOFH 2

BOFH: Let's go to work!

One quarter said their organisations had suffered internal sabotage and security fraud, and one third believed that industrial espionage and data leakage had occurred within their company.

Could this be why BOFH (the Bastard Operator from Hell), Simon Travaglia's long-running column about a fictional psychopathic sysadmin-cum master of social engineering, is so popular?

A lot of sysadmins were having fun perhaps at Cyber-Ark's expense. But halve the figures and then halve again - and that's still a lot of rogue IT employees out there. And a lot more who would go nuclear if you diss their gruntle or fire them.

It's surprising then how few IT pros end up in court. Perhaps the other baddies are evil geniuses or maybe their ex-employers prefer to sweep internal mishaps under the carpet.

We can speculate - but we can tell you about the worst ones who got caught - all except one ended up in court.

In descending order here is our league table of the 10 baddest IT pros. We have also set up a poll for you to vote on your top rogue employee. And please do share your experience of co-worker evilness in the El Reg Forums.

To the list.

10. Traffic light saboteurs

Gabriel Murillo and Kartik Patel, traffic engineers, LA. In 2006, Los Angeles traffic engineers went on strike. As a precaution, managers blocked access to the computer that controlled the city's 3,200 traffic lights but two strikers Murillo and Patel used stolen supervisor credentials to gain access.

Inside, they disconnected signal control boxes at four of the city's busiest intersections. Murillo then hacked the system to prevent managers from reconnecting the lights. It took four days to restore the system.

Wired.com names this caper as one of the top 10 cybercrimes of the Noughties. Really? The judge who put Murillo and Patel on probation appears to have more perspective.

More.


9. Not deadlier than the male

Patricia Marie Fowler, IT technician, Florida, was sentenced to 18 months in prison and ordered to pay restitution of $17,243 for interfering with employee records at the Suncoast Community Health Centers (SCHC) located in Ruskin, Florida.

Fowler makes our list as she is one of just two females IT pro gone bad that we have uncovered.

More.


8. The cable-cutting engineer

Terrance Tan Khoon Shan was handed a 15 month prison sentence after the disgruntled engineer was found guilty of cutting $185,000 worth of fibre optic broadband cables.

Tan's defence argued that he had mental problems and when that was rejected by the judge, said his crime was merely opportunistic. That was rejected too - after all, "opportunistic" is an unusual description for the 617 separate occasions that Tan cut the cables.

More.


7. Drunk and upset

David Anthony Mcintosh, IT consultant, Australia, deleted 10,475 user accounts belonging to employees of Australia's Northern Territory government. It took 130 experts five days at a cost of $1.25m to restore the system. McIntosh resigned his job at the NT gov in April 2008 and a month later sabotaged its system, to try to prove that there were security vulns.

Also he was drunk and upset that his fiancee had broken off their engagement. McIntosh was sentenced to three years and four months and said he would retrain as a chef on his release. God forbid he breaks up with his girlfriend again.

More and more.


6. The IT urine bandit

long hair, long goatee

Foley: I know you need a toilet break but this is taking the piss

Raymond Charles Foley, IT worker, Iowa, was dismissed and charged with criminal offences after urinating on the chairs of female colleagues he found attractive. Foley searched the employee database to seek out his hotties. "I was doing inappropriate things I shouldn't be doing," he told his employer. Well, yes.

Foley's company, Farm Bureau Financial Services, spent $4,500 to make good the damage. We guess Foley's marks got new chairs.

Our report on Foley's arrest prompted this comment from Reg commentard 'Tom 7": "My boss fancies me a LOT judging from the way he shits on me."


5. San Francisco lock-out

Terry Childs, network engineer, San Francisco, is probably the most infamous rogue IT employee of all. He was arrested in June 2008 for refusing to reveal the passwords of San Francisco's main computer network. He said he never intended any harm, but did not trust his bosses with the passwords.

San Francisco was locked out of its FiberWAN network for 12 days and Childs served two years in jail. In May 2011, Childs was ordered to pay $1.5m to the City of San Francisco in restitution costs.

More.


4. Tried to kill Fannie Mae

Rajendrasinh Babubhai Makwana, a Unix sysadmin from Maryland, was sentenced to three years in January 2011 for trying to wipe out the financial data of Fannie Mae, America's biggest home mortgage provider.

Makwana, a contractor for more two years at Fannie Mae, was fired on the spot for changing settings on the organisation's 5,000 servers without authorisation. His access to the company network was shut a few hours later and in the meantime Makwana wrote a malicious scrip intended to destroy all data from Fannie May networks on 31 January 2009.

A co-worker found the script a few days after Makwana was fired and some weeks before the logic bomb was due to explode.

More.


3. Pirate and porn entrepreneur

We would have placed 'Ed', a preternaturally corrupt sysadmin from Pennsylvania, uncovered by Computerworld, even higher on our baddest IT pros league table if we had more than a pseudonym to go on.

Ed used a dummy company to sell half a million dollars worth of pirated software to his employer, and ran a pay-for-porn operation using the company's servers. He had also hacked the company's ecommerce servers and had downloaded the credit card information of 400 customers. And he had sole access to all admin passwords.

Ed merely got fired - and his employer, a $250m Pennsylvania retailer, spent surprisingly little, an estimated $250,000-$300,000, to clear up the mess.

We wonder where Ed is working now.

More.


2. UBS Logic bomber

Roger Doronio, sysadmin, New Jersey, was sentenced to eight years and ordered to pay $3.3m restitution for seeking to harm UBS and profit from his actions.

Duronio quit UBS when he got a smaller than expected bonus. He created the logic bomb which would delete all the files in the host server in the central data centre and then every server in every branch. On March 4, 2002 some 2,000 servers did go down and 400 branch offices were hit. Backup systems did not work and files were deleted.

Expecting the share price of UBS to fall in response to the damage caused by the logic bomb, Duronio purchased more than $21,000 in put option contracts for UBS's stock. A put option is a type of security that increases in value when a stock price drops, But Duronio got it wrong.

The day the "defendant quit UBS he walked out of their offices and straight to his broker's office to bet against UBS. his broker, Gerry Speziale, testified at the trial that an angry Duronio said words to the effect, 'God knows what I can do to get even'."

More.


1. Endangered health of thousands

Jon Paul Oson, technical services manager, Southern California. Sentenced to more than five years and ordered to pay $409,000 in restitution for destroying the records of thousands of low income patients of a San Diego non-profit.

Oson saw red with the "interpersonal difficulties" cited in a performance evaluation for his job as an IT manager for the Council of Community Clinics.

He resigned and soon after logged into the servers of his former employee. From there he disabled a program that backed up medical records of thousands of patients. Six days later he logged on again and "in the span of 43 minutes, methodically deleted the files containing patients' appointment data, medical charts and other information."

More.


Jon Paul Oson tops our league table of rogue IT employees - because he messed around with people's health. But who do you think is the baddest IT?

JavaScript Disabled

Please Enable JavaScript to use this feature.

That's the El Reg IT rogues gallery. We are probably just scratching the surface. Tell us about the most dishonest, vengeful IT pro you have worked with.

Also we are thinking about compiling an article about the most incompetent IT pros. Commentards, share your experiences. Indiscretion is guaranteed, but remember post nothing that can identify someone to others.

Dishonourable mentions - IT rogues who did not make our Top 10

Jason Cornish - revenge is not sweet
David Barksdale - Google snooper and show-off
Ismael Alvarez - small scale revenger
Douglas James Duchak- tried to sabotage terrorist screening database
Sam Chihlung Yin - Gucci grouch

Not just IT pros

Want to leave early - torch a filing cabinet
Officer jailed for leaking police records to violent criminal

Application security programs and practises

More from The Register

next story
Microsoft's MCSE and MCSD will become HARDER to win
Redmond decides it won't replace Masters certifications, so lesser certs get more rigour
Pinterest diversity stats: Also pale and male (but not as much as Twitter)
Cats'n'flowers site latest to admit white men rule its roost
'Oh my god – Mark Zuckerberg wants to meet me'
'The Swiss have got no great interest in working with Apple'
Dammit, Foxconn: Where's our 1 MILLION-strong robot ARMY?
'Foxbots' just aren't good enough to take up the slack
Devs: Fancy a job teaching Siri to speak the Queen's English?
Spik propa lyk dis blud innit, ya get me?
Bankers bid to use offshore temp techies
WikiLeaks publishes Financial Services Annex to 50-nation Trade in Services Agreement
Hey! Where! are! the! white! women! at!? It's! Yahoo!
In non-tech jobs, that is – still mostly white men running Marissa Mayer's web biz
Non-techies: The cute things they say
'OK, smartass, the firewall is blocking the proxy server.'
Join me, Reg readers, and help me UPGRADE our CHILDREN
Think of the children? I just did, says Dom Connor
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.