Rogue IT admin goes off the rails, shuts down Canadian train switches A former IT administrator at the Canadian Pacific Railway has been jailed for 366 days for sabotaging the organization's computer network. Christopher Victor Grupe, 46, had a rocky relationship with his employers: in December 2015, he was suspended for 12 days for insubordination and just not making the grade as a sysadmin. …
> . I'm surprised that the judge or even the forensics folks didn't rip the CIO a new one
I'm not. When I worked IT admin, management (not just from one company) would frequently "let someone go" with out informing us. For the most part we were lucky in that the only damage done was a deleted mailbox (recoverable) and a mouse lead being severed (£3 to replace). And sure, after I would then have a chat, the next few dismissals we were informed just before the meeting, but inevitably it slipped again after a few months, or new managers. Rinse and repeat.
management (not just from one company) would frequently "let someone go" with out informing us.
The problem is org charts. HR have a visceral resistance to the reality that on a day to day basis a SysAdmin is a far more powerful (and therefore potentially dangerous) individual than a CEO and consequently needs to be handled with greater care.
The same thing happens in DCs. People get awestruck by CTOs and (to a lesser extent) networking guys and forget that regular electricians and aircon plumbers underpin everything[1].
[1] Based on a "logic bomb" left by a disgruntled sparky. A few breakers were "accidentally" miswired so that when a scheduled power down happened three months later the wrong aisles got powered off which also unbalanced the 3-Phase with assorted domino effects. The miscreant was long gone back to somewhere in Eastern Europe by then.
"This is _why_ you need documented procedures for these kinds of things".
I've ended up writing such procedures on the way out in previous jobs - which is not ideal. Thankfully, these were positions where my departure was on amicable terms - but this isn't the sort of thing you want to do when the person is annoyed and would like to see their (now ex-)employer go up in flames like a Bond baddie's secret volcano hide-out.
"I'm surprised that the judge or even the forensics folks didn't rip the CIO a new one"
Why would they? Failing to run a business according to best practice is not generally a criminal offence. If you leave your door unlocked and someone robs your house, it's not the judge's business to tell you you're an idiot, he's only there to sentence the burglar.
Although I live in the UK I've worked for US and CDN companies for decades.
I find it bizarre that over here you can be fired with several weeks notice, and can be expected to continue doing your job and set your house in order for a smooth transition - while in North America, even if you've done nothing wrong, you are called into a meeting, have your accounts locked, laptop removed and are escorted from the building, leaving colleagues to cope with the fallout.
The latter approach just seems to make for very angry and aggrieved ex-employees, and places a burden on remaining staff who have to pick up the pieces.
"I find it bizarre that over here you can be fired with several weeks notice, and can be expected to continue doing your job and set your house in order for a smooth transition"
Not that I'm massively experienced but I've never seen anyone fired for misconduct and been allowed to continue working. I've seen people made redundant and work their notice period as you describe above.
I have seen people try to pass through the turn styles only to find their passes have been disable. They're handed a letter and told to go home and await the meeting to be scheduled. IT access has also been similarly revoked.
Gardening leave was enforced and a severance package was available at the time.
Location: UK.
Our entire office was made redundant but we were all allowed to continue using the facilities for preparing/updating CVs, arranging interviews and just generally faffing about. Any faffing had to be legal and within our T&Cs, so no downloading pirated stuff, no browsing pr0n sites and so forth.
As far as I know, nobody abused it.
"over here you can be fired with several weeks notice, and can be expected to continue doing your job and set your house in order for a smooth transition"
The difference is that here, if you're being made redundant (vs "fired") you're going to be given a severance package and a reference which are both at risk if you do anything stupid.
If there's a hint that you won't play nice then your notice period will be spent at home, gardening, with all access codes having been changed before you were told about it.
The USA in particular has this peculiar concept of "at will" employment (which the tories keep trying to introduce here) which means that noone's job is secure from one day to the next - and one of the favourite manglement tactics when firing a lot of people is to parachute XYZ inept manager into the location with promises of long term upgrade to start sacking people ("hoorah", he thinks), and then push him out the door with no compensation when the dirty work is done.
Honestly, you'd think it would be written into HR and Management manuals by now: if you have an employee who is showing signs of being likely to become an ex-employee, then when you fire him you lock his accounts first, then you inform him that he is being terminated and that his remaining tenure with the company is gardening leave, to be spent off-site.
Otherwise, try to conduct all such business with the maximum of politeness and dignity, so as to preserve your company's reputation and minimise hurt and annoyance to the soon-to-be-ex employee. Pay a little more than statutory minimum redundancy payments, extend health cover for a month or so, basically be nice to the bloke you're firing and with luck he'll be nice back to you.
> An IT professional should be exactly that.
> People who pull this kind of shit should be
> barred from the profession for life and receive
> much tougher penalties.
And all IT professionals should be bonded. It's still amazing that with the kind of access that IT folks get, they don't have to post a serious bond.
I ask as forensic experts "got in" by an employer is not the same as an impartial police investigation and certainly not be accepted as evidence equal to a real investigation.
Again not shutting his access down is just inviting trouble and should be viewed as being equivilent to leaving a window open.
Perhaps the reason original arguement requiring his dismissal was about how incompetent his management were
^ someone got a guilty conscience? Your analogies are nonsense; an open window is not an invitation to anyone other than criminals.
You got a point, but (continuing the anaology) it's also an invitation for Insurance companies* not to pay up, should something happen in said circumstances.
* You are free to argue said companies are also 'criminal' of course.
"open window is not an invitation to anyone other than criminals", no you are just plain wrong, security is everyone's responsibility.
An open window, at court, is the difference between breaking and entering (a crime) and entering to dick with you by turn off some of your electric equipment, changing the recording times on your PVR (not a crime) or any other action that doesn't break the law.
Hence one is a crime the other would be a civil case at best, this because not taking security seriously costs everyone else money and is correctly seen as incitement by the courts.
Here we have a prime example of failing to implement minimum security practices and personally I would say the company is far from innocent in this. If they had removed all access at the point where he was suspended or at very least when he left then there would not be any court case to hold.
@AC Actually the two cases you've cited would be "breaking and entering" if the Windows were shut and "criminal tresspass" if the Windows were open.
Just because a window was open, doesnt give you ANY right to climb into another persons house without there permission.
What you do inside the house would just determine if there were other crimes you were charged with. oh and by the way things like "dicking around with your Equipment" would likely bring a criminal mischief charge.
Playing with other peoples toys, with out their permission, is just not allowed...
US law of "criminal tresspass" I presume, still IMHO does not make just being on someone else property a instant crime but it is the US after all and since there are a lot of lawyers making the laws then it is possible.
In the UK we have people coming onto our property all the time to deliver mail, tell you to buy a TV license trying to sell you something or get you to contribute towards the charity who employ them on commission and whilst the later can be annoying we the tax payers are paying for the courts and the solicitors to have their time wasted because some tool can't be bothered to secure their home or is after an insurance payout.
For my part I would prefer to keep my front garden than shoot people if they step on my grass but then again I am not in the US.
@AC You're changing your definitions. You were talking about people coming through the window, not someone walking on your front lawn. If your mailman climbs through your window to deliver your post, believe me you are well within your rights to call the Police and have them arrested for tresspassing. Even in the UK. Same with TV licence people and charity collectors. You are also welcome to call the Police on them again for tresspassing if they were to climb into your back yard for that purpose. The front yard, however, usually allows for entry for the purpose of movingto your front door. if they decide to set up a rave in your front yard without your permission, then again they are tresspassing.
It's not so difficult to understand, now is it?
@Iglethal "You're changing your definitions"
Not at all, in the UK tresspass is not a instant crime. Here you have to refuse to leave before the police get involved.
however we also have laws created for the benefit of vested interests but generally rather than making laws to fill prisons where they again cost the tax payer, we instead try to prevent "crime" in the first place by placing a minimum responsibility on everyone to avoid inviting crime.
Here we used to have things like a welfare system so people do not have to steal to eat because providing money for food to the hungry is cheaper than the time of police, judges and then having pay to feed and house them anyway for the duration of their sentence. Same for housing costs and health care but these are being eroded by people who do not understand that if we have your laws then we get the same outcome that you have, i.e. people being shot all the time. I presume that shooting "criminals" without having to bother with courts or prison keeps your costs down but that just means the criminals go armed and innocents get shot by "accident" .
"It's not so difficult to understand, now is it?" I understand what you are saying, that the analogy is difficult for people who have more lawyers, guns and deaths by shooting per head of population than any other country. I can understand even you believing the BestBuy forensic expert's paid for evidence and the lesson here for everyone else is do not be a system admin in the US they are out gunning for you
US law of "criminal tresspass" I presume, still IMHO does not make just being on someone else property a instant crime but it is the US after all and since there are a lot of lawyers making the laws then it is possible.
No trespass charge in the US is for one of two things. You were told to leave and did not or it's plea deal from burglary.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
