http://www.informationweek.com/news/showArticle.jhtml?articleID=199901760 By Sharon Gaudin InformationWeek June 6, 2007 An IT contractor who had been let go from his job at Daimler Chrysler pleaded guilty to sabotaging the auto-maker's wireless inventory network and causing more than $29,000 in damages. William A. Johns, 65, of Lake Orion, Mich., pleaded to the charge of unlawful computer intrusion in U.S. District Court. Under the terms of the plea agreement, he faces up to 12 months in prison and a fine of up to $250,000. Johns also will be required to make full restitution to Daimler Chrysler in the amount of $29,916 to pay for the costs associated with repairing the damaged network. "A case like this shows the potential vulnerability -- the potential for a seriously damaging breach," said Terrence Berg, First Assistant U.S. Attorney, in an interview with InformationWeek. "The company caught on quickly and took swift action so this didn't cause them especially significant damage. But it showed that the vulnerability was there and it gave them a chance to fix it." According to a release from the U.S. Attorney's office, Johns worked for Intermec, a consulting company hired to come in and set up a new wireless network for Chrysler's remote parts distribution facilities in Atlanta, Georgia, Portland, Oregon, and Denver and Colorado. MOPAR is Chrysler's parts distribution component. Johns was part of the installation team. However, Berg said at some point Johns was let go from the Chrysler job. Court papers showed that on Oct. 3, 2003, Johns entered the Daimler Chrysler Assembly plant in Sterling Heights, Mich. and accessed a computer kiosk in the visitors' lobby. Based on his familiarity with Daimler Chrysler's computer system and security systems, he used the terminal to delete files and passwords from wireless devices used in remote parts distribution facilities in remote cities. The government told the court that Chrysler was forced to remove and repair the devices, causing each MOPAR facility to shut-down for about seven and a half hours, causing more than $25,000 in damages. Berg said that while Johns was making his plea to the court, he called his actions "a prank." "If that's accurate, I don't know," added Berg. "Sometimes when someone is an IT consultant like that, they cause a problem because they want to be the one to fix it. They cause problems so they can be appreciated when they solve them." Berg said Chrysler was quick to call in the FBI when they discovered the incident. Johns is slated to be sentenced on Sept. 12. _____________________________________________________ Attend Black Hat USA, July 28-August 2 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 30 hands-on training courses and 90 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 70 nations. Visit product displays by 30 top sponsors in a relaxed setting. Rates increase on June 1 so register today. http://www.blackhat.com
This archive was generated by hypermail 2.1.3 : Wed Jun 06 2007 - 22:33:43 PDT