Tech Tuesday: Fired Employee Convicted After Trashing Company Server

JIRAROJ PRADITCHAROENKUL
JIRAROJ PRADITCHAROENKUL

Tech Tuesday.png

When you get to job hunting, especially in IT, you may notice more and more potential employers asking for social media platforms you are on, and engaging in background checks going well beyond your list of references. Unless you’re applying for a security clearance job, this may feel excessive, if not intrusive. Isn’t your private life, you know, private?

Well, there’s a reason behind this uptick in security.

A few months ago, Joe Venzor, a member of a boot company’s IT Help Desk, pled guilty to a cyberattack against his former employer, the Lucchese Boot Company. He faces up to ten years in prison and a $250,000 fine for, simply put, losing his temper and attempting to get in the last word with his company.

CyberattackHow this all unfolded begins at the end of 2016’s summer. Venzor was fired, the reason not listed in the complaint. On being notified of his termination, he grew agitated to a point where it took him over an hour to get him out of the office. After his firing, Venzor created a backdoor access to Lucchese’s server, shut down the servers, then deleted core system. All this happened before he left the building at 10:30 a.m. By 11:30 a.m., the company’s email and application servers had been shut down, Lucchese’s online ecommerce system went dead, and all activities ground to a halt at the factory. Employees had to be sent home.

Simply put, Venzor vandalized the company’s SUV, parked it in an Electric Vehicle charging station, set the car on fire, and then threw the keys into the river.   

It was when the remaining IT staff tried to restart Lucchese’s system that they discovered the core system files deleted and their account permissions had been demoted. Without a core system in place or no one holding permissions to access the server, all Lucchese associates were locked out of the company’s system. Lucchese was forced to hire an independent contractor to clean up the damage, resulting in weeks of backlogged and lost orders.

While recovering from the attack was difficult, finding out who did it was simple. Venzor clearly set himself up as the prime suspect in this cyberattack given the timing of the incident. It was just too coincidental. On checking his account history, investigators discovered Venzor had been collecting usernames and passwords of his IT colleagues, and created this backdoor account and disguised as an office printer, showing premeditation. The major trip up for Venzor  was not the backdoor account, but that he had used that account from his official work computer to do all the damage. So there was some planning in this, but this plan did not necessarily mean he was a Bond Villain in his execution.

Now you know why businesses are making background checks more commonplace. Many security break-in’s in the IT world are inside jobs. The more you know about who you are hiring, and how they handle themselves both in and out of the office, the easier it is to avoid situations like this.

 


 

shurtz.jpgA research physicist who has become an entrepreneur and educational leader, and an expert on competency-based education, critical thinking in the classroom, curriculum development, and education management, Dr. Richard Shurtz is the president and chief executive officer of Stratford University. He has published over 30 technical publications, holds 15 patents, and is host of the weekly radio show, Tech Talk. A noted expert on competency-based education, Dr. Shurtz has conducted numerous workshops and seminars for educators in Jamaica, Egypt, India, and China, and has established academic partnerships in China, India, Sri Lanka, Kurdistan, Malaysia, and Canada.