The malicious code also locked SBT out of its own network so the damage
could not be repaired by the normal process of remotely reconfiguring
the access points from the company's office. This forced SBT's
executives to send technicians to the homes or businesses of every
single subscriber. Some users were down for less than a day while others
were out of service for up to three weeks, according to the indictment.
Fisher's malicious code also was designed to force SBT's equipment to
repeatedly broadcast radio signals that would interfere with the signals
of UT1 Internet and its customers.
http://news.yahoo.com/s/cmp/20061216/tc_cmp/196700266
A former IT consultant for a wireless Internet service provider was
sentenced to two years in prison for breaking into the company's network
and bringing down their service last year.
ADVERTISEMENT
Ryan Fisher, 24, of Vernal, Utah, received a sentence of 24 months in
prison to be followed by 36 months of supervised release for
intentionally damaging a protected computer. U.S. District Judge Paul G.
Cassell also ordered Fisher to pay $65,000 in restitution.
Fisher was charged on Feb. 15, 2006, in connection with the Feb. 28,
2005, attack that shut down Wi-Fi service to the customers of SBT
Internet and UT1 Internet, which both provide service in and around
Vernal, Utah. He pleaded guilty and was sentenced on Wednesday.
The attack cut off service for one woman who was waiting for an e-mail
notifying her about the availability of an organ transplant that she
required, according to prosecutors. Because of her critical status, her
provider gave her priority status and restored her access within 24 hours.
"Had her medical providers sent her an e-mail notifying her of a
suitable organ donor and had she not responded because of her lost
Internet access, she might have lost her priority for an organ, thus
potentially extending the period she would have to wait for another
donor," wrote prosecutors in the indictment.
SBT Internet hired Fisher in the fall of 2004 as a contractor to help
install and support wireless networks. The company trained Fisher and
provided him administrator-level access to its networks. They also gave
him passwords and encryption keys for customer's access points, as well
as for the computer that controlled the company's radio towers that
transmit Wi-Fi signals to its users.
Fisher reportedly stopped working at SBT in February, 2005 because of a
"disagreement about some financial and business issues," according to
the indictment.
After he left SBT, he went to work for Internet Works, a competing
service provider in the same area. He then bought the company and
changed its name to East Basin Internet.
According to the government, Fisher admitted he used an administrative
password to break into SBT's network on Feb. 28, 2005. Once in the
network, he plant malicious code that directed the radio tower computer
to cut off Wi-Fi service to the company's users.
The malicious code also locked SBT out of its own network so the damage
could not be repaired by the normal process of remotely reconfiguring
the access points from the company's office. This forced SBT's
executives to send technicians to the homes or businesses of every
single subscriber. Some users were down for less than a day while others
were out of service for up to three weeks, according to the indictment.
Fisher's malicious code also was designed to force SBT's equipment to
repeatedly broadcast radio signals that would interfere with the signals
of UT1 Internet and its customers. Both companies reported spending at
least $5,000 each to discover what was causing the outages and get
service back up.
In total, more than 170 customers lost Internet service. The attack
reportedly caused more than $65,000 in damages.
--
George Rogato
Welcome to WISPA
www.wispa.org
http://signup.wispa.org/
--
WISPA Wireless List: wireless@wispa.org
Subscribe/Unsubscribe:
http://lists.wispa.org/mailman/listinfo/wireless
Archives: http://lists.wispa.org/pipermail/wireless/