Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

IT Worker's Revenge Lands Her In Jail

samzenpus posted more than 3 years ago | from the bad-idea dept.

Crime 347

aesoteric writes "A 30-year-old IT worker at a Florida-based health centre was this week sentenced to 19 months in a US federal prison for hacking, and then locking, her former employer's IT systems. Four days after being fired from the Suncoast Community Health Centers' for insubordination, Patricia Marie Fowler exacter her revenge by hacking the centre's systems, deleting files, changing passwords, removing access to infrastructure systems, and tampering with pay and accrued leave rates of staff."

cancel ×

347 comments

Makes the rest of us suffer... (5, Insightful)

Anonymous Coward | more than 3 years ago | (#34515968)

Every time some person does stuff like this and it hits the press, every other IT person ends up suffering when the PHBs realize what the sysadmin or the Cisco guy is capable of.

Will this mean better security? Of course not. It just means that oftentimes someone who shouldn't have access to enable secrets or root passwords gets those as a "backup".

Re:Makes the rest of us suffer... (1)

Berserker (16946) | more than 3 years ago | (#34516002)

Unfortunately you are right on!!

Re:Makes the rest of us suffer... (2)

mysidia (191772) | more than 3 years ago | (#34516274)

Of course not. It just means that oftentimes someone who shouldn't have access to enable secrets or root passwords gets those as a "backup".

You mean someone who in your technical opinion as an engineer shouldn't be using enable secrets or root passwords?

The systems belong to the PHBs. If you want to avoid giving out root passwords, then don't have passwords.... use biometrics. Or use a "password under seal" system, where the password is available but secure, and will be changed within days if a backup needs it.

However, you will still have to provide access, doesn't matter if it's a password or something else, and that is perfectly reasonable, as long as you have accounting measures in place, clear policies on who is authorized to use access, and severe immediate penalties for any backup abusing their access

Re:Makes the rest of us suffer... (4, Insightful)

hendersj (720767) | more than 3 years ago | (#34516442)

Really, I think this just highlights something I've said for years: If you don't trust your IT people, they shouldn't be your IT people.

It's a job requirement to be trustworthy when working in IT. Those who aren't pull crap like this.

Even if she hadn't gone to jail, if she got caught tampering with systems (either while employed there or after being terminated), she should never, ever, under any circumstances be trusted to admin a system again.

Ever.

Re:Makes the rest of us suffer... (2)

MightyMartian (840721) | more than 3 years ago | (#34516536)

This applies across the board. Not just IT people but accountants, managers, legal advisers and so on. IT people are not the only ones who can cause significant damage to an organization.

Re:Makes the rest of us suffer... (1)

hendersj (720767) | more than 3 years ago | (#34516778)

Good point - it seems to be less of a problem in the other areas (in my experience, in any event). Thing is that admin people tend to have access to data from multiple of the other organizations, so while I wouldn't say that hiring untrustworthy people in any position is a good practice, in IT it can be doubly bad because the IT staff can generally access docs on shared drives (for example) that belong to accounting, legal, etc - and can either disclose it or nuke it along with the backups.

That can cause a lot more damage than if an accountant nukes his/her data, because they don't generally have access to the backups or other system-level tools.

If they do, the phrase "you're doing this wrong" comes to mind. ;-)

But point well taken.

Re:Makes the rest of us suffer... (0)

Anonymous Coward | more than 3 years ago | (#34516764)

only for the slackers who don't control all content going to their bosses' computers.

Re:Makes the rest of us suffer... (1, Insightful)

Venik (915777) | more than 3 years ago | (#34516774)

Every time I see news like this, it certainly makes me suffer: a good sysadmin would not get caught. For a sysadmin, incompetence is the worst crime.

Um good? (4, Insightful)

Hatta (162192) | more than 3 years ago | (#34515972)

Person commits crime, goes to jail. Fascinating reporting there.

Re:Um good? (1)

Panspechi (948400) | more than 3 years ago | (#34516042)

She's not that good if she got caught... and seemingly the only evidence they really got was her admission. This smells like S.P.E.C.T.R.E. had their hands into this. This, thne VISA and Masterdarc. What's next?

Re:Um good? (0)

Anonymous Coward | more than 3 years ago | (#34516194)

Anonymous Coward did the actual hack. This woman just happened to be in the right place for us to frame.

Re:Um good? (0)

Anonymous Coward | more than 3 years ago | (#34516502)

I'm more suspicious of C.H.A.O.S.

Re:Um good? (0)

fyngyrz (762201) | more than 3 years ago | (#34516822)

No... it was probably T.H.R.U.S.H.

Re:Um good? (2, Insightful)

scorp1us (235526) | more than 3 years ago | (#34516776)

You missed it. There's a girl in IT. That's the news!

Its not even that she hacked in. NASA has always had a problem with girlfriends of employees getting pissed, getting in and then breaking stuff.

Harsh Sentence (4, Insightful)

Manip (656104) | more than 3 years ago | (#34515974)

I love how computer crimes are measured on an entirely different scale to all other crimes. While I think her crime was serious, when you look at the prison sentence relative to other things it seem disproportionate. If she had done the same thing without a computer I bet she would see less than 1/2 the jail time.

Re:Harsh Sentence (1)

KublaiKhan (522918) | more than 3 years ago | (#34515980)

It'd be interesting to see someone modify payroll records without a computer in this day and age.

Re:Harsh Sentence (2)

fuzzyfuzzyfungus (1223518) | more than 3 years ago | (#34516032)

Does taking a fire-axe to the SAN count as "using a computer"?

Re:Harsh Sentence (2)

Farmer Tim (530755) | more than 3 years ago | (#34516058)

As a target, yes.

Re:Harsh Sentence (2)

nomadic (141991) | more than 3 years ago | (#34516012)

If she had broken into the place, shredded documents, forged payroll records, changed some locks and damaged others so doors wouldn't open you think she would get less than half the jail time?

Re:Harsh Sentence (4, Funny)

Monkeedude1212 (1560403) | more than 3 years ago | (#34516028)

No, I'm pretty sure she would have been rehired and promoted into a management position.

Re:Harsh Sentence (0)

Frosty Piss (770223) | more than 3 years ago | (#34516086)

No, I think her sentence would be about the same. But remember anyway, 19 months means half of that, most low-level white-collar criminals get "good behavior" and "overcrowding" breaks...

Re:Harsh Sentence (1)

TheRaven64 (641858) | more than 3 years ago | (#34516428)

I think that's part of the entrance test for interviewees at Goldman Sachs.

Re:Harsh Sentence (1)

Xugumad (39311) | more than 3 years ago | (#34516596)

I was thinking that. Computer crimes aren't punished more severely, it's just easier to commit more severe crimes with them...

Re:Harsh Sentence (1)

Anonymous Coward | more than 3 years ago | (#34516016)

What you can't understand you must punish harshly... got a feeling there is more and more of that these days...

Re:Harsh Sentence (1)

TheL0ser (1955440) | more than 3 years ago | (#34516034)

So you're saying shredding/burning records, cementing up doors to rooms (bad analogy, but I'm too lazy to think), and changing locks on other doors would be 9.5 months of jail time?

Re:Harsh Sentence (1)

Frosty Piss (770223) | more than 3 years ago | (#34516040)

... when you look at the prison sentence relative to other things it seem disproportionate.

Your view might be different if it was your IT department, or your pay and leave records being dinked with...

If the penalty is a slap on the wrist, what's the deterrent?

Re:Harsh Sentence (2)

Delusion_ (56114) | more than 3 years ago | (#34516144)

You make a good case for not involving the victims in sentencing.

Re:Harsh Sentence (1)

Frosty Piss (770223) | more than 3 years ago | (#34516214)

You make a good case for not involving the victims in sentencing.

Bullshit. Sentiences *should* bare some relationship to the impact on the victim.

Consider a geriatric wino living under a bridge - of no particular value to society. Does this make bum-killings "OK"?

Re:Harsh Sentence (-1, Troll)

MichaelKristopeit205 (1946180) | more than 3 years ago | (#34516268)

what "Sentience" would be fair for killing you?

you're an idiot.

cower some more, feeb.

you're completely pathetic.

Re:Harsh Sentence (1)

gfreeman (456642) | more than 3 years ago | (#34516316)

Er, no ... which is entirely the point he was trying to make. Killing a bum gets you the same sentence as killing the President. Do you think it should be different?

Re:Harsh Sentence (1)

pantheonwhaley (1933610) | more than 3 years ago | (#34516380)

The point I think Frosty Piss was trying to make is that a bum and the President both equally want to live. Not that people value them differently.

Re:Harsh Sentence (1, Offtopic)

cayenne8 (626475) | more than 3 years ago | (#34516602)

"The point I think Frosty Piss was trying to make is that a bum and the President both equally want to live. Not that people value them differently."

These days...it is getting hard to TELL which one is the bum, and which one is the president.

Re:Harsh Sentence (0)

Maury Markowitz (452832) | more than 3 years ago | (#34516824)

These days...it is getting hard to TELL which one is the bum, and which one is the president.

Not at all. One of them no longer smokes.

Re:Harsh Sentence (1)

icebraining (1313345) | more than 3 years ago | (#34516476)

No, parent's saying it shouldn't be up to the victims to decide the sentence.

Yes, if it was my IT department, one could feel more strongly. That doesn't mean it's a better sentence.

Re:Harsh Sentence (3, Insightful)

Delusion_ (56114) | more than 3 years ago | (#34516544)

My point is that you are convicted by a jury of your peers and not a jury of your victims for a good reason; a jury and a judge have a better ability to be dispassionate.

That we involve victims in sentencing hearings is abominable, as is that we enforce arbitrary minimum sentencing regulations.

If I am guilty of a crime, what I did is what should matter, not how good or bad a person the victim was. Rather than go down Hypothetical Alley with you about the value of human life, I'd like to keep our hypothetical closer to the facts:

Would this crime be more heinous "your IT department", as you put it, were genuinely good people? Would it worth less sentencing if it took place at an equivalent organization whose IT staff was lazy and whose managers were bombastic annoying pricks? Surely not. In that case, your opinions as the victim as to what the guilty party deserves regarding sentencing are too compromised.

Re:Harsh Sentence (1)

Frosty Piss (770223) | more than 3 years ago | (#34516692)

My point is that you are convicted by a jury of your peers and not a jury of your victims for a good reason; a jury and a judge have a better ability to be dispassionate.

As was the case here. The victim didn't choose the sentence.

By the way, do you object to "Victim's Impact Statements" at the sentencing? For serious crimes like auto-related deaths / maiming, home invasions, and murder?

Re:Harsh Sentence (1)

MichaelKristopeit202 (1943250) | more than 3 years ago | (#34516182)

if the penalty is murder, would someone still accuse someone of being raped by religious figures and beating women and molesting children?

i wonder if they would.

i wonder if they would scream.

i wonder if they would cry and beg for mercy.

i wonder if they want to die.

Re:Harsh Sentence (1)

Johnny5000 (451029) | more than 3 years ago | (#34516448)

Your view might be different if it was your IT department, or your pay and leave records being dinked with...

This.
I used to work at a place with a really shitty asshole of a manager. One of the other employees apparently had the bright idea to create a program that would mess with all of the customer records, since it would somehow make the asshole manager look bad when stuff started to fail.

Apparently he had been screwing around with the customer records for months, which pretty much made all of the backups worthless.
One day he went too far, his damage caused the whole system to crash, and he got caught.
He was fired, of course, and I'm pretty sure he had charges brought against him, but guess who had to clean up the mess?

Re:Harsh Sentence (1)

JaredOfEuropa (526365) | more than 3 years ago | (#34516056)

What if she broke into the office and set fire to a couple of file cabinets, and burned the company's financial books and payroll records as well (assuming they'd have none of it on computers)? Even if her actions wouldn't burn down the whole building, I should think she'd get a stiff penalty for that, including some jail time.

Re:Harsh Sentence (1)

TheLink (130905) | more than 3 years ago | (#34516224)

Once you use fire, it could be categorized as arson.

In some places the penalties for arson can be quite significant.

Re:Harsh Sentence (1, Interesting)

MyLongNickName (822545) | more than 3 years ago | (#34516070)

1st: I do not think I agree with OP. If I did the same damage without a PC, I bet I would be arrested.

2nd: The reporting is interesting. To a great extent, folks knowledgeable about computer systems/programming are looked on as some type of magicians. We get mixture of respect and contempt because of this. People depend on us and our services and that creates a high level of conflict.

3rd: They are actually working on the idle CSS. Still sucks, but at least the edit textbox is no longer 0.75" wide.

Re:Harsh Sentence (1)

gmack (197796) | more than 3 years ago | (#34516326)

I'm wondering why it took 3 months to get her to hand over the password. Not defending what she did but why couldn't they just preform a password reset?

It really doesn't seem like either her or her employer were all that competent.

Re:Harsh Sentence (1)

davev2.0 (1873518) | more than 3 years ago | (#34516404)

I worked there for a while. I am guessing she was the sole IT person. Thing to remember is that SCHC is a non-profit where most of the budget goes to health care.

Re:Harsh Sentence (1)

Bobakitoo (1814374) | more than 3 years ago | (#34516426)

She was the only IT worker, and they fire her.

Re:Harsh Sentence (1)

Bigjeff5 (1143585) | more than 3 years ago | (#34516104)

Do you realize how much damage you can do with that kind of access?

You are seriously underestimating the seriousness of the crime. That she didn't do all that much damage is relevant to a point, but she clearly intended to do as much harm as she could.

Re:Harsh Sentence (2)

redstar427 (81679) | more than 3 years ago | (#34516392)

It's a good thing she didn't share music files from a CD at the same.
She could have owed millions of dollars, and her sentence might have been for a much longer time!

Re:Harsh Sentence (1)

davev2.0 (1873518) | more than 3 years ago | (#34516446)

I am betting the fact that SCHC is a non-profit providing health care to migrant workers, the elderly, and the poor might have figured into the sentencing.

As for how she was able to do so, she was probably the only real IT person in the company



Disclaimer: I worked at SCHC as the sole IT person for a long time.

A Florida Story... (0)

Anonymous Coward | more than 3 years ago | (#34515982)

...reported on an Australian website? Odd.

Crime doesn't pay, idiots.

Re:A Florida Story... (2)

gfreeman (456642) | more than 3 years ago | (#34516336)

Not that odd. The rest of the world reports on news from the rest of the world. It's only inside the borders of the US that the news programs seem to stop at the national border.

Re:A Florida Story... (0)

Anonymous Coward | more than 3 years ago | (#34516792)

Not that odd. The rest of the world reports on news from the rest of the world. It's only inside the borders of the US that the news programs seem to stop at the national border.

Seriously? Only the US?

I can think of several counter examples, but let's keep things simple and talk just about China! Are you asserting the Chinese have a gloriously open flow of uncensored and unfiltered news from both sides of the border?

Not even worth "Idle" (0)

Frosty Piss (770223) | more than 3 years ago | (#34515990)

She committed a serious crime that had no other purpose than revenge. She got caught and will now pay the pric of stupidity.

News?

Re:Not even worth "Idle" (1)

Delusion_ (56114) | more than 3 years ago | (#34516118)

The prics of stupidity are going to have a field day with this one.

Re:Not even worth "Idle" (2)

gfreeman (456642) | more than 3 years ago | (#34516348)

Will the pric of stupidity stand up in court, or will she be put through the penal system?

Re:Not even worth "Idle" (0)

Anonymous Coward | more than 3 years ago | (#34516478)

Guess she really cocked up on this one.

Re:Not even worth "Idle" (0)

Anonymous Coward | more than 3 years ago | (#34516480)

News?

Not really.

If you're going to do revenge, do it better.

In the late 80's, I was a lead IT/admin and once got fired for something petty, (boss liked to save money by firing people to save on raises/vacation) I packed up and left and never looked back. They went from 3 full time IT to 1 (in a remote office) and decided to train a receptionist to handle support and backups (at half the salary, no IT experience).

While I was leaving, I didn't mention that I recently discovered a huge bug in the main processing system and was documenting it to fix. I never found out where I put my notes, I thought they were in my planner, they must caught on fire or something.

If they had laid me off, I would have been happy to help them fix the bugs, but no, they wanted to grab my vacation time and severance pay too. They offered to hire me back as a consultant a few weeks later, I didn't bother returning their calls.

[Yeah, I'm doing this anon, I know my long ex-coworkers would read this if I didn't, I don't want the hassle]

Re:Not even worth "Idle" (0)

Anonymous Coward | more than 3 years ago | (#34516690)

Well, at least she was only fired for being "insubordinate". I mean, fuck, these days, if your company is hierarchical & militant enough to use the word "insubordinate", they're just as likely to use "terrorist".
-BLAM- Konsidah yohself fie-ahd."

Fear for People in ... (1)

BoRegardless (721219) | more than 3 years ago | (#34515996)

Suncoast Community Health Centers for hiring such imbeciles to entrust with the health of you and your relatives!

Re:Fear for People in ... (1)

mark72005 (1233572) | more than 3 years ago | (#34516120)

what you say ! ! !

Re:Fear for People in ... (1)

Anonymous Coward | more than 3 years ago | (#34516270)

Somebody set the elderly up the wrong medication.

Re:Fear for People in ... (1)

Anonymous Coward | more than 3 years ago | (#34516140)

Suncoast Community Health Centers for hiring such imbeciles to entrust with the health of you and your relatives!

So, how did they know she was an "imbecile"?

When they hired her, more than likely she was currently employed, had great references, and checked out.

She was fired for "insubordination". That can mean anything: she was uncooperative and unwilling to work with others or she just asked questions and challenged the power that be for their polices - like every Slashdotter does. For example, "Gee boss, why do you want to allow internet access to our employment records?". Questioning authority can mean being labeled as being "insubordinate". Then again, she may have said, "You're an IDIOT for wanting to allow access to employee records from the internet!"

See the difference?

I have been in situations where the boss welcomed the "you're being stupid" argument from underlings and other bosses who called you "insubordinate" for just asking a question.

Of course, her reaction was completely moronic; which probably puts her into my latter examples. But my point is that her employer may have thought she was a great hire.

Re:Fear for People in ... (1)

Johnny5000 (451029) | more than 3 years ago | (#34516514)

Suncoast Community Health Centers for hiring such imbeciles to entrust with the health of you and your relatives!

As someone pointed out earlier in the comments,
Suncoast Community Health Centers is a non-profit providing health care to migrant workers, the elderly, and the poor. I'm guessing they don't have a lot of money to blow on getting the cream-of-the-crop IT professionals.

Yeah, but... (2, Informative)

Ecuador (740021) | more than 3 years ago | (#34516000)

is she hot?
Also, does she run linux at home?

Re:Yeah, but... (1)

badboy_tw2002 (524611) | more than 3 years ago | (#34516128)

Isn't the second question redundant? Or maybe, "If not" instead of "Also,".

Re:Yeah, but... (1)

frieza79 (947618) | more than 3 years ago | (#34516390)

those are mutually exclusive

Re:Yeah, but... (4, Funny)

MobileTatsu-NJG (946591) | more than 3 years ago | (#34516526)

is she hot?
Also, does she run linux at home?

You may choose only one.

Re:Yeah, but... (1)

pnutjam (523990) | more than 3 years ago | (#34516624)

violence is like duct tape, if it doesn't fix your problem, you didn't use enough...

You know that saying? (1)

fuzzyfuzzyfungus (1223518) | more than 3 years ago | (#34516004)

"Revenge is a dish best served cold." (or by Anonymous, on your behalf...). A massive grudge-hack spree 4 days after your termination suggests that A) IT didn't have its shit together and B) You are now suspect #1.

Unless you are very good, you aren't going to avoid leaving enough of a trail that wriggling out of the "#1 suspect" spot will be easy or comfortable...

Re:You know that saying? (1)

twidarkling (1537077) | more than 3 years ago | (#34516162)

Sure it's easy, just make sure you're behind seven proxies!

You left out a question (0)

Anonymous Coward | more than 3 years ago | (#34516286)

(c) is she a lesbian?

Actually, it does not matter, in 17 months she will be one.

Getting out of the number 1 spot. (1)

www.sorehands.com (142825) | more than 3 years ago | (#34516314)

One important thing about getting out of the number one spot, don't broadcast how you would get out of it on Slashdot.

Re:You know that saying? (1)

Crudely_Indecent (739699) | more than 3 years ago | (#34516466)

It's not that hard to be good at being bad.

Certainly, a dish served cold. Preparations can begin while the plate is still hot though.

  1. Start by using your access to create new superuser accounts for yourself which have no reference to your name.
  2. Use your new superuser accounts to delete your old superuser accounts and clean up the logs left behind.
  3. Write some clever scripts that will do your dirty work at a frenzied pace, then self destruct after altering log files to point at someone you don't like.
  4. Set up a scheduled task so the mayhem occurs while you're participating in an iron-clad alibi
  5. Feel slightly gypped that someone else is named in the article that hits Slashdot

Martin Fowlers wife? (0)

Anonymous Coward | more than 3 years ago | (#34516008)

Could it be

Doing it wrong. (0)

Anonymous Coward | more than 3 years ago | (#34516044)

One does not simply walk into BOFHdom.

What? (5, Insightful)

segedunum (883035) | more than 3 years ago | (#34516082)

Fowler's attack on the company's firewall, which had caused a "lockout", took Federal Bureau of Investigations (FBI) three months to resolve.

What? Seriously. What? What the hell is a lockout and why would it take anyone three months to solve a firewall issue?

Re:What? (0)

Frosty Piss (770223) | more than 3 years ago | (#34516154)

...why would it take anyone three months to solve a firewall issue?

"Reading comprehension" requires you to "think". It didn't take them 3 months to sort out their firewall, it took the FBI 3 months to pin down build a case against the rouge IT wench.

Re:What? (0)

MichaelKristopeit204 (1946178) | more than 3 years ago | (#34516228)

you're an idiot. keep making excuses. keep quoting "think" because you are unable to do it on your own.

you need another "mental health day".

you're completely pathetic.

Re:What? (1)

eviloverlordx (99809) | more than 3 years ago | (#34516244)

I didn't know she was wearing makeup at the time of her criminal activities.

Re:What? (1)

gfreeman (456642) | more than 3 years ago | (#34516362)

Badum-tisch

Re:What? (0)

Anonymous Coward | more than 3 years ago | (#34516252)

According to the article it took the FBI three months to get her to confess and give the new password.

Re:What? (0)

Anonymous Coward | more than 3 years ago | (#34516666)

you're an idiot.

Re:What? (1)

Guidii (686867) | more than 3 years ago | (#34516232)

Why would it take anyone three months to solve a firewall issue?

In July, the FBI secured an admission from Fowler that she had hacked the centre's systems, at which point she handed over the new password

They weren't configuring the firewall. They were trying to access it.

Couldn't they just reset the thing?

Re:What? (1)

Anonymous Coward | more than 3 years ago | (#34516278)

lockouts prevent backtracing

Re:What? (1)

ElectricTurtle (1171201) | more than 3 years ago | (#34516388)

Consequences will never be the same.

Re:What? (1)

pilgrim23 (716938) | more than 3 years ago | (#34516296)

What she did was remove all security and allow her Bosses to do exactly what they asked for... 10 minutes later the missiles launched and all was ruin.

Re:What? (1)

lymond01 (314120) | more than 3 years ago | (#34516306)

Seriously. Replace the firewall.

Re:What? (1)

ZappedSparky (1935014) | more than 3 years ago | (#34516334)

"Computer, *bleep* security lockout, authorisation,Sparky, charlie tango one five nine alpha."

Re:What? (1)

plcurechax (247883) | more than 3 years ago | (#34516384)

Fowler's attack on the company's firewall, which had caused a "lockout", took Federal Bureau of Investigations (FBI) three months to resolve.

What? Seriously. What? What the hell is a lockout and why would it take anyone three months to solve a firewall issue?

That's how long the FBI spent running all the staff through ICE (Immigrations) before they replaced it. And you thought your last doctor's appointment was a long wait...

At the speed of government.

Re:What? (1)

Ambiguous Coward (205751) | more than 3 years ago | (#34516592)

Have you seen the amount of paperwork involved? That alone could take up to 90 days for the FBI to process.

Now, if it's not actually helping people, it'll be done by tomorrow.

Re:What? (4, Informative)

Charliemopps (1157495) | more than 3 years ago | (#34516614)

I'm fairly sure I know exactly what she did. Most companies have the same security flaw. They have their network hardware resolve user names and passwords the same way all their workstations do. They also have a "Lockout" if you get the password wrong a certain number of times (usually 3.) I'm sure you've seen this before. The vaulnerability is, if you then have everyones email be: userid@yourcompany.com, anyone can very easily pull down a full listed of userids from the exchange server. The companies address list literally has every userid in the company. You then simply write a script to hit a piece of network equipment 3x with a garbage password for every single user in the company. Because it's a telnet connection it's REALLY fast. The system locks out every single user. If the admins weren't smart enough to reserve a single master login (and they usually are not) you can cripple the entire company.

Oops! - Not sympathetic (0)

Anonymous Coward | more than 3 years ago | (#34516090)

If she worked in IT she should have known better.

She is likely not violently dangerous so I hope the system treats her well. Still if she did the crime this is a very believable result.

Certainly not going to help her get a new job.

A female IT worker? (0)

Anonymous Coward | more than 3 years ago | (#34516114)

WTF? Is she single?

did she really "hack" it? (3, Insightful)

darjen (879890) | more than 3 years ago | (#34516282)

or did she use passwords she already had to get into the system? I wouldn't be surprised if this was yet more abuse of the word "hacking".

Re:did she really "hack" it? (0)

Anonymous Coward | more than 3 years ago | (#34516346)

Well, the "Anonymous" group is hacking PayPal too with their DDOS "hacking tools". I think hacking has degraded to mean "any unauthorized use of a computer or computer-like device".

Re:did she really "hack" it? (4, Interesting)

TheRaven64 (641858) | more than 3 years ago | (#34516484)

Given some of the 'hacks' that have been reported here over the last year, I think hack now means 'use a computer in a way that the writer does not completely understand.'

Re:did she really "hack" it? (1)

Crudely_Indecent (739699) | more than 3 years ago | (#34516508)

If only you had sudo permissions to grant me mod points....

Re:did she really "hack" it? (1)

McNihil (612243) | more than 3 years ago | (#34516748)

Hyperbole time: Wouldn't "use a computer in a way that the writer does not completely understand." include ALL windows (ok ok computer) users? It would include themselves in this category because obviously they don't know what they themselves are doing... everyone is a hacker these days. IMHO Rote knowledge of a computer system regardless of OS and applications is just ROTE knowledge and has nothing to do with understanding... Apes/Cats/Dogs/Rats can all push buttons too and make stuff happen to benefit them.

These writers are themselves HACKS.

ok ok I am tumbling off of the pulpit now.

tks!

Re:did she really "hack" it? (2)

Bobakitoo (1814374) | more than 3 years ago | (#34516520)

Hacking has become a synonym for magic. Any technical feat that is beyond understanding is hacking. With the dumb media we have, pretty much anything is hacking these days.

Re:did she really "hack" it? (1)

treeves (963993) | more than 3 years ago | (#34516522)

Uh yeah. Is that new or surprising to you? I'd say that probably happened over twenty years ago.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...