http://news.yahoo.com/s/nm/20080109/tc_nm/usa_crime_computers_dc_2


Man gets record sentence for computer sabotage

1 hour, 32 minutes ago

NEW YORK (Reuters) - A computer systems administrator was sentenced to 30 months in prison on Tuesday for trying to sabotage his company's servers out of fear he was about to lose his job, prosecutors said.

The U.S. Attorney's Office in Newark, New Jersey, said Yung-Hsun Lin received the longest ever federal prison term for a criminal attempt to damage a computer system.

He was also ordered to pay $81,200 in restitution to his former employer, pharmacy benefit manager Medco Health Solutions Inc (MHS.N).

Lin, 51, admitted he modified computer codes and added code to create a "logic bomb" designed to wipe out servers on Medco's network in October 2003, around the time Medco was being spun off by Merck & Co (MRK.N), authorities said.

Lin feared he might be affected by resulting layoffs. Part of the code included script to launch the attack on his birthday, but it failed, they said.

Medco servers contained software applications relating to clients' clinical analyses, rebates, billing and managed care processing. The unauthorized coding was found by another computer administrator in January 2005, authorities said.

sudo rm -rf server

:popcorn:

Sweet! I don't like Medco either. Used to work in a pharmacy, and they were always a pain.

"but it failed"
Wow, if you're going to do something that stupid and get thrown in jail for it, at least make sure it's going to work.

Good. He's an idiot!! Trying to bring down a business and putting OTHER peoples jobs at risk.

This guy was a tool, and got what he deserved.

First, from a practical stand-point...

Large companies keep tons of stuff backed-up these days, usually off-site or in secondary locations the admins can't delete, and usually have a disaster recovery plan to get back on their feet quickly. Plus, they usually run loggers to see who's doing what and trace it back to the culprit.

Even if he succeeded, they would eventually trace the malicious damage back to him through virtual or physical evidence. Even if his code was ultra-leet, and wiped itself out and covered all his tracks, a cyber-crimes detective could probably trace the crime back to him by interviewing co-workers and such.

As for my personal opinion, this guy pisses me off for 2 reasons...

1) he's freakin selfish. Ok, maybe his boss was a jerk and he hated the company, but that's no excuse to make other workers, whom he may like or not know, suffer for it.

2) he was doing this out of sheer malicious spite. It wasn't like he was doing it for some altruistic "greater good". If this guy was actually doing this for the greater good, he'd probably be hailed as a hero right now. But, no, he was just some stupid, selfish hacker, and not even a good one, that couldn't think 5 feet in front of his face.

"Gee, my code didn't fire off. And, I'm not fired. Wow, I really dodged a bullet there. A smart person would take this as a sign, and go wipe out the code to cover their tracks. But, no, not me! Even though I still have my job, I'm going to go change the code so it'll fire off NEXT year on my birthday!"

Moron.

I thought this was going to be a Bill Gates story. :(

LOL WOW! he failed too... yea if your gonna go down, go down doing something exciting :P

One has to suck big time when they can't take down a server they have complete on-site access to. Jesus, what an idiot.

lmfao! yes definetly a dumbass

sudo rm -rf server

:popcorn:

and then...

sudo rm -rf job

followed by...

sudo aptitude install jail

The administrator must be a real loser.