Remember the story earlier this year about one of San Francisco’s network admins going rogue and locking the city’s data systems with a master password that only he knew? Well, it looks like it’s not over. San Francisco have found a “mystery device” on their network.
It’s some sort of router, used to provide remote access to the secure municipal network from outside wired connections. City officials can’t log into it, however, because they don’t have the username and password. When they try, they get a message stating “This system is the personal property of Terry S. Childs” – the aforementioned ‘maniacal’ admin.
Even worse, they’ve got no idea where the router actually is. San Francisco will be spending $800,000 to hire network experts to map the whole network out properly and determine, geographically, where the unit is likely to be. The city have also hired a security consulting firm to conduct a vulnerability assessment of the network.
Childs remains in jail. Although he eventually gave up the master password to the Mayor of the city, after a standoff at the jailhouse, he still hasn’t provided passwords for a number of other systems which may contain sensitive information. He’s due in court at the end of this month, and could face upto seven years in prison.
San Francisco (via Network World)
Related posts: San Francisco city data system in lockdown | Hackers can exploit ISPs quest for cash by spoofing non-existent web sites