The 2007 security hall of shame

Bad breaches, ghastly gaffes and five people we'd like to forget

... and your 2007 poster boys

Consultant turns bot herder: John Schiefer This former security consultant at 3G Communications of Los Angeles admitted in November to running a huge botnet of a quarter million PCs that infected other machines with adware programs, and to using spyware to steal bank and PayPal account information. He faces 60 years in prison on four felony charges, including wire and bank fraud and illegally accessing protected computers. Court documents say his cohorts, including several minors, infected over 135,000 PCs with a password-stealing Trojan program and then used the stolen data to access PayPal and other financial accounts.

Exit strategy: Gary Min In the five months before he left DuPont for a scientist position at a rival company, Gary Min quietly accessed and downloaded confidential company documents valued at an estimated US$400 million. During that time, he downloaded and accessed more than 15 times as many documents as the next most active user of the DuPont database system, but he wasn't caught until after he left the company for the rival firm. He admitted in November 2006 to stealing DuPont trade secrets; the case became public in January after details were unsealed by a federal prosecutor. A US District Court judge, in November sentenced Min to 18 months in prison and ordered him to pay a US$30,000 fine and US$14,500 in restitution to DuPont. The sentence is substantially less than the maximum of 10 years in prison and a US$250,000 fine that Min might have received.

Don't drop the soap: Ivory Dickerson This North Carolina native and former civil engineer was sentenced in December to 110 years in prison after admitting that he and a co-conspirator hacked into computers used by young girls and used illicitly gained data with which to terrorize them into sending lurid photos of themselves. Dickerson trolled MySpace to find underage girls in the Broward County, Florida, area. When he made contact with a potential victim (via IM or e-mail), he'd entice them into opening a file containing a Trojan program that gave him and a co-conspirator control over her computer. He would then try to use hacked information to coerce the girls into sending photos -- threatening to harm them or their families if they refused. The investigation revealed not only photos of various teenagers, but a number of bestiality photos as well, ensuring that disgust about Dickerson is shared around the food chain.

Unbirthday boy: Yung-Hsun Lin Lin, a former Unix system administrator at Medco Health Solutions' New Jersey, office, pled guilty in September to planting a logic bomb that would have destroyed critical data -- including prescription drug data for individuals -- on more than 70 servers. He planted the bomb in the belief he would lose his job after Medco was spun off from drug maker Merck & Co. in 2003. The bomb was first set to go off on Lin's birthday on 2004, but when it failed to work he reset the clock for it to go off ion the same date the following year. The bomb was discovered in early January 2005, months before it was scheduled to be triggered. Lin pleaded guilty to one count transmitting computer code with the intent of causing damage in excess of US$5,000. He is scheduled to be sentenced on January 8. He faces a maximum 10-year sentence and US$250,000 fine.

Pick a hat already: Maxwell Butler Also known as Max Vision, this former security consultant was indicted in September by a federal jury on three counts of wire fraud and two counts of transferring stolen identity information. Butler, who used various online aliases, including Iceman, Digits and Aphex, hacked multiple computer networks of financial institutions and card processing firms, selling the account and identity information he stole from those systems. He even made a cut on the profits his accomplices made by selling merchandise that was purchased using the stolen payment card information.

But here's the thing: Butler was once well known in the security community as a researcher. In 2000, he pleaded guilty to one felony county for breaking into protected military and government computers and served jail time for that. He was also accused of hacking into the networks of the developers of PC games Doom and Quake, and stealing several hundred access passwords to a California Internet service provider. During that trial, it was revealed that he had been an FBI informant for at least two years.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jaikumar Vijayan

Show Comments

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?