Published on September 30th, 2019 📆 | 2759 Views ⚑0
Holy smokes! Ex-IT admin gets two years prison for trashing Army chaplains’ servers • DigitalMunition
A former system admin for a US Army contractor has been sentenced to two years behind bars for trashing his employer's network on his way out the door.
Barrence Anthony, 40, of Waldorf, Maryland, was given the sentence by US District Judge Leonie Brinkema in the Eastern District of Virginia court after pleading guilty to one count of accessing a protected computer without authorization.
In December of 2016, Anthony learned his job with government contractor Federated IT was soon to be terminated. Anthony, who had been assigned as an administrator for a series of AWS servers managed for the US Army Chaplain Corps, responded by removing all admin accounts apart from his own and having DNS registration transferred to his name.
This resulted in an outage of the Army's Chaplain Corps Religious Support System as pastoral staff were unable to log into the portal and students were locked out of training materials.
Anthony went on to delete critical project files from the server, including network diagrams and login information for the AWS accounts, while also making backups of the machine's data for his personal use. In the following weeks it is said that Anthony, who by now had been terminated, also launched a series of denial of service attacks against the Army's AWS servers to further disrupt the portal.
Rogue IT admin goes off the rails, shuts down Canadian train switches
"He specifically targeted his actions to do harm to one of the company’s most lucrative contracts with the US Army Chaplain Corps," the DOJ said in announcing the two-year sentence.
"The proprietary information that Anthony took was specifically built for the US Army Chaplain Corps and the victim company assigned it a value of over $1m. The cyber sabotage also disrupted a Chaplaincy Resource Management Course in Jackson, South Carolina, impacting 19 chaplain corps students."
Anthony's legal team countered that while he did make backups of the data, he never used that information and the $1m estimate for damage caused was overblown. They also noted that well into 2017, long after he had left the company, Federated left Anthony's access rights to the AWS servers active, without any further incidents occurring.
In addition to two years with credit for time served, Anthony has been ordered to pay Federated IT $49,233.09 in restitution and will get three years supervised release once he is out of prison. ®
Serverless Computing London - 6-8 Nov 2019