Contact us today!
(518) 203-2110

Evolve IT

Evolve IT has been serving the Saratoga Springs area since 1995, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
Font size: +
Subscribe to this blog post
Print

This Cyber Crime Landed a Former IT Administrator 2 Years in Jail

Evolve IT Blog IT Blog
0 Comments
This Cyber Crime Landed a Former IT Administrator 2 Years in Jail

Managing permissions for their network is something that many organizations may only consider when it’s too late to do anything about it. This can provide outsiders with access to sensitive information that shouldn’t be seen by anyone but your employees. To learn a few lessons about user permissions, let’s look at the misfortune of PA Online, a Pennsylvania-based Internet service provider.

A former system administrator for PA Online was issued a prison sentence of two years, alongside a fine of $26,000, for using the company network when he wasn’t supposed to. Dariusz J. Prugar, who had been fired just days before the incident, found that his credentials were still valid. He then proceeded to cause the network to crash, leaving countless residents and Pennsylvania businesses without an Internet connection.

Prugar used these credentials to infiltrate the network and steal back software which he claimed was rightfully his. He continued to plant backdoors across the network, and to keep his antics hidden, Prugar enabled scripts that would delete the network’s access logs.

However, the results of this action were far from the intended purpose. The scripts used by Prugar caused the entire system to crash, which led to the company calling Prugar in to assist with getting the systems back online. He then made the mistake of demanding to renegotiate the rights to “his” software, which was a major red flag for PA Online. The ISP called in the FBI to investigate the occurrence, and… well, you know the rest.

The end result was that PA Online’s customers went a week without an Internet connection, and the company eventually had to shut itself down. The effects of a rogue admin led to the demise of the ISP, and it’s only because this former employee still had his own credentials to access the company network.

There is a clear lesson to be learned here; a user who doesn’t need access to your network shouldn’t be able to do so. Often times, an employee who gets terminated or leaves the company for some reason may do so with their credentials intact, and in the confusion of losing a worker, your IT department may forget to revoke their access to the network. Enforcing this practice will help you avoid a premature failing due to a situation similar to what happened to PA Online.

Evolve IT is the ideal solution to these system access problems, as we can monitor your network access in real time for discrepancies, as well as restrict permissions as the need arises. You can know for certain that any users who aren’t currently employed by your business won’t have credentials to access the network. To learn more, reach out to us at (518) 203-2110.

Tweet

Comments

 
No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Saturday, 23 November 2024
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Blog Categories

Blog Archive

Free Consultation

Sign up today for a
FREE Network Consultation

How secure is your IT infrastructure?
Let us evaluate it for free!

Sign up!

Free Consultation
 

Tag Cloud

Tip of the Week Security Internet Best Practices Technology Cloud Hackers Privacy Email Productivity Business Malware Software Business Computing User Tips Computer Google Hosted Solutions Microsoft Upgrade Efficiency Workplace Tips Innovation Smartphone Windows 10 IT Support Mobile Devices Ransomware Gmail Hardware Network Security Communication Bandwidth Hacking WiFi Facebook Microsoft Office Operating System Office Backup Apps The Internet of Things Business Continuity Social Media Disaster Recovery Networking Data storage Employer-Employee Relationship Data Windows Experience Two-factor Authentication History Small Business Phishing App Mobile Device Management Money Mobile Computing Network Big Data communications Safety Unified Threat Management Managed Service Provider Outlook Quick Tips Smartphones Wireless Technology Android Firewall Apple Content Filtering Cybercrime Website Best Practice Alert Music Deep Learning Hacker BDR Laptop Cryptocurrency Vendor Management IBM Application Customer Service Google Docs Education Holiday Cleaning Black Market Monitors YouTube Processors Router Office Tips LiFi Staffing BYOD Downtime Office 365 Passwords Displays Streaming Media Help Desk Disaster Analytics Micrsooft Saving Money Visible Light Communication intranet Lithium-ion battery Business Growth End of Support Data Management Recovery Robot Advertising Social Networking Society Sports Public Speaking Google Wallet Writing Spam Running Cable IP Address Virtualization Information Technology Windows 8 Internet of Things Government Hosted Solution Windows XP IT Services Documents Augmented Reality Keyboard Artificial Intelligence Tech Support Compliance Search User Hard Drives Drones Retail Remote Computing Shortcut Social Printer Browser DDoS Heating/Cooling Word Managed IT services Virtual Desktop Wireless Securty Unified Communications Document Management Encryption Business Management Law Enforcement Bluetooth SaaS VoIP Proactive IT Automation Cortana Competition Presentation Entrepreneur Network Congestion Memory Domains Save Money
QR-Code