Contact us today!
(518) 203-2110

Evolve IT

Evolve IT has been serving the Saratoga Springs area since 1995, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
Font size: +
Subscribe to this blog post
Print

This Cyber Crime Landed a Former IT Administrator 2 Years in Jail

Evolve IT Blog IT Blog
0 Comments
This Cyber Crime Landed a Former IT Administrator 2 Years in Jail

Managing permissions for their network is something that many organizations may only consider when it’s too late to do anything about it. This can provide outsiders with access to sensitive information that shouldn’t be seen by anyone but your employees. To learn a few lessons about user permissions, let’s look at the misfortune of PA Online, a Pennsylvania-based Internet service provider.

A former system administrator for PA Online was issued a prison sentence of two years, alongside a fine of $26,000, for using the company network when he wasn’t supposed to. Dariusz J. Prugar, who had been fired just days before the incident, found that his credentials were still valid. He then proceeded to cause the network to crash, leaving countless residents and Pennsylvania businesses without an Internet connection.

Prugar used these credentials to infiltrate the network and steal back software which he claimed was rightfully his. He continued to plant backdoors across the network, and to keep his antics hidden, Prugar enabled scripts that would delete the network’s access logs.

However, the results of this action were far from the intended purpose. The scripts used by Prugar caused the entire system to crash, which led to the company calling Prugar in to assist with getting the systems back online. He then made the mistake of demanding to renegotiate the rights to “his” software, which was a major red flag for PA Online. The ISP called in the FBI to investigate the occurrence, and… well, you know the rest.

The end result was that PA Online’s customers went a week without an Internet connection, and the company eventually had to shut itself down. The effects of a rogue admin led to the demise of the ISP, and it’s only because this former employee still had his own credentials to access the company network.

There is a clear lesson to be learned here; a user who doesn’t need access to your network shouldn’t be able to do so. Often times, an employee who gets terminated or leaves the company for some reason may do so with their credentials intact, and in the confusion of losing a worker, your IT department may forget to revoke their access to the network. Enforcing this practice will help you avoid a premature failing due to a situation similar to what happened to PA Online.

Evolve IT is the ideal solution to these system access problems, as we can monitor your network access in real time for discrepancies, as well as restrict permissions as the need arises. You can know for certain that any users who aren’t currently employed by your business won’t have credentials to access the network. To learn more, reach out to us at (518) 203-2110.

Tweet

Comments

 
No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, 22 January 2025
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Blog Categories

Blog Archive

Free Consultation

Sign up today for a
FREE Network Consultation

How secure is your IT infrastructure?
Let us evaluate it for free!

Sign up!

Free Consultation
 

Tag Cloud

Tip of the Week Security Technology Internet Best Practices Cloud Hackers Privacy Email Productivity Malware Business Software Business Computing User Tips Efficiency Computer Workplace Tips Google Hosted Solutions Microsoft Upgrade Windows 10 IT Support Mobile Devices Innovation Smartphone Hardware Network Security Ransomware Gmail The Internet of Things Social Media Microsoft Office Office Bandwidth Backup Apps Business Continuity Disaster Recovery Communication Hacking WiFi Facebook Operating System Quick Tips Best Practice Alert Networking Data storage Firewall Windows Content Filtering Data Cybercrime Experience Website Mobile Device Management Money Network Smartphones Employer-Employee Relationship Two-factor Authentication Managed Service Provider History Outlook Small Business Phishing App Wireless Technology Android Mobile Computing Big Data communications Apple Safety Unified Threat Management Encryption IP Address Deep Learning Virtualization Document Management Law Enforcement SaaS VoIP BDR Government Augmented Reality Cortana Vendor Management Keyboard Proactive IT Network Congestion Search User Save Money Hard Drives Remote Computing Monitors Shortcut Music DDoS Heating/Cooling Word Cryptocurrency Laptop IBM Displays Google Docs Education Business Management Cleaning Holiday YouTube Processors End of Support Black Market Office Tips LiFi Staffing Competition Presentation Entrepreneur BYOD Downtime Streaming Media Domains Help Desk Writing Passwords Micrsooft Visible Light Communication Disaster Hacker Data Management Business Growth Robot Advertising Recovery Application Customer Service Society Sports Spam Retail Google Wallet Information Technology Running Cable Router Windows 8 Internet of Things Windows XP Office 365 IT Services Managed IT services Hosted Solution Artificial Intelligence Documents Analytics Saving Money Tech Support Compliance Lithium-ion battery Bluetooth intranet Drones Social Automation Printer Browser Virtual Desktop Wireless Memory Social Networking Unified Communications Securty Public Speaking
QR-Code