Saturday, November 11, 2006

Beware the Former IT Director

The U.S. Attorney's Office for the Southern District of Florida announced (here) the indictment of Joseph H. Shook for violating the computer crime statute, 18 U.S.C. Sec. 1030, for allegedly hacking into the computer system of his former employer.  Shook had been the Director of Information Technology for Muvico, which operates movie theaters, primarily in Florida.  He was laid off from his position in February 2006.  On May 5, 2006, the day Mission: Impossible III premiered, Muvico's computers suddenly stopped taking on-line ticket orders, and the theaters at six of its largest complexes could not process credit card payments for tickets, forcing the theaters to accept only cash.  The company estimated that the computer problem caused it to lose at least $100,000 in sales.  A few months after the problem, the government seized a wireless access device from Shook that had the same Media Access Control (MAC) address as the computer that accessed Muvico's system on May 5 and blocked electronic payments.  The indictment (here) notes that the only way to tap into the Muvico's computer system through the wireless device is to be inside its headquarters building or within five hundred feet of it.  Whoever hacked into the system literally may have been hiding in the bushes when the computer access occurred.  As the IT director responsible for implementing Muvico's computer security measures, Shook would probably know how to get around them.  It is interesting how the government used the information from the company's computers to track how the system was accessed, showing again that even in cyberspace it is very hard to hide. (ph)

Computer Crime, Prosecutions | Permalink

TrackBack URL for this entry:

Listed below are links to weblogs that reference Beware the Former IT Director:


Post a comment