Newsom helps S.F. re-boot
SAN FRANCISCO -- — Treat your I.T. workers well. Listen to their concerns. Encourage their creativity. But set up good checks to make sure they can’t hijack your system.
That may be the lesson in the wake of the 10-day standoff here between a computer network expert and the municipality for which he worked.
Terry Childs, 43, a suspended systems administrator for the city and county of San Francisco, sits in a jail cell, accused of tampering with the very computer network he was hired to maintain.
Until Mayor Gavin Newsom intervened, the systems administrator had refused to hand over the key passwords to unlock a multimillion-dollar municipal network, the pipeline for such critical data as the city’s e-mail, inmate records and payroll. The city discovered too late that Childs, who had set up the codes, was the only one who knew them, according to court documents.
For nearly two weeks, Childs insisted he was holding out for the city’s own good. Then, earlier this week, his attorney called the mayor, who was preparing to fly to Montana to be married, with a deal: Childs would release the passwords. But only to Newsom. Face-to-face.
So the mayor hurried to the jail to meet with the wayward city worker, who wrote the pass codes on a slip of paper the mayor had brought with him.
“I was thinking, working for Gavin Newsom is sometimes like being in the middle of a novel by Tom Clancy,” said mayoral spokesman Nathan Ballard, who accompanied Newsom. “In this chapter, the mayor questions the hacker, who hands over the secret code.”
On Thursday, city officials were trying to assure the public that they had learned their lesson, that never again would one employee be the sole keeper of such critical security data.
Experts say the case clearly shows how a key employee with enough knowledge of internal databases and networks can bring an organization to its knees.
“This is definitely not a San Francisco-only problem. It is every city and state and company using Cisco or Windows or Unix -- in other words, everybody,” said Alan Paller, director of research at the SANS Institute, a security training organization that operates the Internet Storm Center, an early-warning system for computer attacks.
The saga began last month when Childs “became very territorial” during a system security upgrade, said Ron Vinson, the chief administrative officer of the city’s Department of Technology. “That raised a red flag.”
City officials allege that on the night of June 20, Childs, who had already been the subject of concern because he had refused to provide colleagues access to the city’s network, threatened a supervisor and intimidated a person who was conducting an audit of the computer devices on the network, according to court documents.
That incident set up a showdown with Childs, who left his job July 9.
On July 12, Childs was arrested on four felony counts of computer tampering. In court documents, the city’s district attorney alleged that Childs had set up his own private network, bypassing city monitoring and security systems.
He also is alleged to have set traps so that if his bosses took the system down as part of a regular system maintenance, they would inadvertently cause a system failure.
Although government business still functioned normally, San Francisco officials were unable to delve into the network to fix the problem.
The city was forced to spend “hundreds of thousands of dollars” to hire outside consultants to break into the system, according to court documents.
But even that didn’t work. On Monday, when Childs’ attorney, Erin Crane, called City Hall offering to hand over the codes to Newsom, the mayor got right into his limousine for the short drive to the city jail.
“The mayor figured it was worth a shot,” Ballard said. “Although this guy isn’t Mother Teresa, he’s not John Gotti either. Most politicians would have called a meeting and a roomful of bureaucrats would have killed the idea.
“But Mayor Newsom grabbed his coat and said, ‘Come with me.’ ”
En route, Ballard began to have second thoughts about the mission. “I told the mayor that if he talked to Childs that he would become a witness in the case,” said Ballard, a former deputy city attorney. “He just said, ‘I know.’ ”
Many have applauded Newsom’s quick actions.
“I think he’s a hero,” said Board of Supervisors President Aaron Peskin. “He rose to the occasion. No job too big, too small or too weird. So what if he has to testify in court? He got the codes to the system.”
But, Peskin said, that “does raise other issues, like who in the hell was minding his computer store.”
Handing over the passwords Monday didn’t get Childs out of jail or persuade a judge to reduce his $5-million bail. City and county employees are still working to gain access to some parts of the system -- including areas involving the Sheriff’s Department and the city’s Recreation and Parks Department.
Meanwhile, some technology workers have expressed sympathy for Childs, saying his actions, while extreme, stem from frustrations common to overworked and underappreciated technology helpers.
The city has outsourced technology jobs among other moves, frustrating workers, said Richard Isen, chapter president with Childs’ union, the International Federation of Professional and Technical Engineers Local 21.
“There’s not a single person who supports his actions,” Isen said. “But a lot of my members feel they are misunderstood about what they do and their knowledge.”
Despite checks, many companies are vulnerable to the system administrators who set up the technology, said Paller of the SANS Institute.
“The nature of personal computing has always allowed the administrative user to be all powerful,” he said.
Until technology changes in a way that disperses that power, he added, “it makes a lot of sense to be very nice to your system and network administrators.”
--
john.glionna@latimes.com
More to Read
Sign up for Essential California
The most important California stories and recommendations in your inbox every morning.
You may occasionally receive promotional content from the Los Angeles Times.