Former IT worker pleads guilty to damaging Verizon computers

[InfoSec News <isn () C4I ORG>]

http://www.computerworld.com/cwi/story/0,1199,NAV47_STO58845,00.html

By BRIAN SULLIVAN
March 22, 2001

A 32-year-old Florida man faces up to 10 years in prison and a
$250,000 fine after he pleaded guilty Tuesday to a charge of
intentionally damaging protected computers at a network support center
owned by Verizon Communications Inc., according to a plea agreement
released this week by the U.S. attorney's office in Tampa, Fla.

Michael Whitt Ventimiglia, a former IT worker at GTE Corp., is
scheduled to be sentenced within the next three months for deleting
information stored on systems in the Tampa-based facility, said Steve
Cole, a spokesman for the U.S. Attorney for Central Florida. The
incident took place last May, shortly before GTE merged with Bell
Atlantic Corp. to form Verizon.

Cole said Ventimiglia's actions resulted in more than $200,000 in
damage at GTE's Network Service Support Center. The plea agreement
states that the government won't oppose a lesser sentence than the
maximum 10-year prison term, but it also notes that Ventimiglia could
be required to pay reparations to Verizon for the damage he caused.

"We are not going to speculate on what the sentence should be," Cole
said. "[But] the message should be put out there to people that the
federal government takes this kind of crime very seriously. It is not
a prank; it is not a joke."

Assistant U.S. Attorney Donald L. Hansen backed up that sentiment.
"When you look at all the facts around this case, it makes it a pretty
serious case," said Hansen, who also is the computer technology crimes
coordinator for the Tampa office. "We would not like to see it happen
again. Any information that can go out to the general public that
people are being held accountable for their acts is very, very
important."

Hansen said Ventimiglia, who currently is free on a $10,000 bond, used
his ability to gain access to GTE's secure computers at about 3:00
a.m. last May 15. Once he had access, Hansen added, Ventimiglia began
to erase data contained in the computers and entered a command that
prevented anyone from stopping the destruction process.

Other IT workers at the GTE facility "couldn't stop it," Hansen said.
"It wasn't that they didn't catch it -- it's that they could not stop
the self-destruction of the material [once it had started]. This was
definitely caused by someone familiar with the computer and the
computer code."

Hansen and Cole said they didn't know what motivated Ventimiglia to
tamper with the systems, and attempts to reach Ventimiglia and his
attorney were unsuccessful. However, Verizon spokesman Bill Kula
termed Ventimiglia "a rogue employee."

Because of his job, Ventimiglia had access "to a secure area, and he
severely abused those privileges," Kula said. "Regrettably, a rogue
employee committed a crime against the company, and we fired him. All
the necessary steps were taken to protect our customers, and at no
point in time was any of our customers' information jeopardized.

Computer crime analyst Ron Russ, CEO of R.L. Russ & Associates in
Alvarado, Texas, said this kind of incident is particularly difficult
to stop.

"It's not as uncommon as you think," said Russ, who often gives expert
testimony in court cases involving IT crimes. "A lot of disgruntled
employees will damage their employers' [systems]. And if they're good,
it is relatively difficult to pinpoint who did it." Russ added that he
hopes Ventimiglia will get the maximum sentence in order to send a
message to other potential perpetrators of such crimes.

Ventimiglia was suspected from the start and was questioned almost
immediately by GTE officials and the FBI, Hansen said. Before
Ventimiglia can be sentenced, Hansen added, a probation report has to
be drawn up for the judge. Preparing that report may take several
weeks, so a specific date for the sentencing hasn't been set yet.

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".