It can be easy to underestimate the importance of maintaining permissions on your network. In fact, sometimes it takes a good dose of misfortune to present the consequences of unchecked access to your network. This time, the misfortune befell PA Online, an Internet service provider located in Pennsylvania.
A former system administrator for the ISP was recently handed down a prison sentence of two years and a fine of $26,000 for his activities on the company network–activities that ultimately caused the network to crash, plunging thousands of residents and businesses into an Internet blackout in 2010. The perpetrator, Dariusz J. Prugar, had been fired days before by PA Online, but his credentials were still valid.
With these credentials, Prugar attempted to steal software he believed to belong to him by planting backdoor access points into the network. In an attempt to hide his theft, Prugar also enabled scripts that were intended to delete access log files
What happened was somewhat more extreme. In reaction to those scripts, the entire system crashed, plunging thousands of users into Internet darkness. Prugar was called in to help, but aroused suspicion by demanding that the rights to the stolen software be renegotiated. PA Online called in the FBI on their suspicions, and the rest is history.
At the end of it all, PA Online’s customers spent a week waiting for the network to be rebuilt, and the company eventually had to close its doors–and all because a former employee could still access the company network.
The lesson here is clear: if an individual doesn’t need access to your infrastructure, they should not be able to access it. Enforcing this in your business could be the difference between a secure and successful business, and what happened to PA Online.
Symmetric IT Group can help you manage your solutions to make sure that those who shouldn’t be able to get in, don’t. In fact, a managed IT service provider like Symmetric IT Group can manage employee permissions for you, meaning that all you have to do is contact us about who needs to be removed from your systems and we’ll remote into your network and take care of the rest. For more information, give us a call at (813) 749-0895.