Rogue IT admin goes off the rails, shuts down Canadian train switches
Grouchy Grupe gets a year and a day behind bars after going loco on network hardware
A former IT administrator at the Canadian Pacific Railway has been jailed for 366 days for sabotaging the organization's computer network.
Christopher Victor Grupe, 46, had a rocky relationship with his employers: in December 2015, he was suspended for 12 days for insubordination and just not making the grade as a sysadmin. After sitting on the naughty step, he returned to the office on December 15 to be told he was being let go, and this got him rather fired up.
Grupe, who worked at the railway's US headquarters in Minneapolis, convinced his bosses to let him quit rather than sacking him. The company acquiesced, and Grupe walked out after signing a resignation letter. He also agreed to return his laptop, remote access authentication token, and access badges.
On December 17, Grupe choo-choo-chose to take a walk on the other side of the tracks, and got up to mischief. Specifically, he used his work notebook and credentials to log into CPR's computer network switches, and began to let off some steam.
Yee-hacked! Fired Texan sysadmin goes rogue, trashes boot businessREAD MORE
Grupe removed administrator-level accounts, deleted certain key files, and changed the passwords for other accounts on the networking hardware, a US district court jury in Minnesota heard.
He then wiped the laptop he used to sideline the switches, destroyed all and any logs in an attempt to cover his tracks, and handed back the computer.
On January 5, the network hit the buffers. IT staff at CPR tried to log into the switches, and found they were locked out. According to court documents [PDF] parts of the system went down, and staff had to force reboot, and presumably factory reset, all the switches to regain access to the equipment.
Management blew its stack, and called in computer forensics experts. Two days later, the infosec bods signaled that they had found signs of Grupe's meddling in the switches' memory storage. This, and evidence gleaned from the rogue employee's laptop, was enough for the police to be called.
After reviewing the evidence, the cops charged Grupe with one count of intentional damage to a protected computer. A jury found him guilty after a five-day trial in October last year, and on Tuesday this week, US District Judge Patrick Schiltz gave him a ticket to a year-long stay at the big house. ®
Sponsored: Becoming a Pragmatic Security Leader