sysadmin malicioso

um caso real:

Indictment: Sysadmin passed over for promotion quits, then strikes back
Angry "ERP Guru" allegedly steals credentials, wreaks havoc on former employer.

The idea of the disgruntled sysadmin turning techno-Robin Hood and giving his or her employer a taste of their own medicine is almost universally popular on tech-centric sites and message boards. However, things almost never work out positively for the people who turn revenge-fantasy into reality. The latest sysadmin to strike back, Smithtown, NY-based Michael Meneses, is facing federal charges for allegedly causing over $90,000 in damage to his employer, the Spellman High Voltage Electronics Corporation.

According to the New York Times and several other sources (including ComputerWorld), Meneses' primary task at Spellman was managing the company's enterprise resources management application. As anyone who's been in IT for any length of time knows, ERP applications are almost always cranky and expensive beasts that require employees dedicated to their care and feeding. (...)

Meneses was one of two employees responsible for the ERP management and customization, and multiple sources describe Meneses as being angry in late 2011 for being passed over for promotion. So angry, in fact, that he allegedly tendered his two-weeks notice in response. His role as ERP administrator gave him privileged access to at least some of the company's IT systems, and though it's impossible to say exactly what happened, the Times' piece reports that before his access was removed, coworkers witnessed Meneses copying files off of his company computer onto a flash drive.

After his employment was terminated, the FBI claims Meneses embarked on a three-week revenge campaign against the company, causing "over $90,000" in damage to Spellman's business. The actual descriptions of what Meneses is supposed to have done and the methods allegedly used are annoyingly vague across all the available sources, with all agreeing that he "hacked into the company's network." According to the reports, Meneses then deployed "a program that captured user log-in names and passwords" of his former coworkers. The FBI's press release also says that he used stolen user credentials to access Spellman's network via a VPN connection, where he then "corrupt[ed] the network," whatever that means.


notícia completa