back to article Ex-school IT admin binned student, staff accounts and trashed phone system

The former IT administrator of a public high school has agreed to plead guilty to a computer abuse charge for deactivating student and staff accounts, wiping some profiles, and disabling the phone system. On Wednesday in a Boston federal court, Conor LaHiff, 30, was charged sans indictment – and agreed [PDF] to plead guilty to …

  1. ecofeco Silver badge

    I'll bet something else as well

    I'd bet good money he was also a pain in the ass to work for.

    1. Bebu
      Windows

      I'd bet good money he was also a pain in the ass to work for.

      I am guessing he was, in spite of the role titles, at the bottom of the heap - more PFY 2nd class than BOFH. More Gomer Pyle than George Patton. The "school director of technology" was probably the ranking BOFH.

      The BOFH would either go for the window option or something even more nuclear.

      LaHiff certainly departed in LeHuff.

      Not a deep thinker I suspect. I can think of dozens of really nasty sleepers and evil easter eggs that would only wreak havoc long after I had sipped my first Piña Colada on Ipanema Beach. ;)

      I just cannot see where the money is in this lark. The real BOFH is always in credit at the local besides still being employed as well as not incarcerated (miraculous considering the number of homicides.)

      1. Terje
        Pint

        Re: I'd bet good money he was also a pain in the ass to work for.

        Homicides? My good man that is slander! There have never been any evidence of wrongdoing from this upstanding member of society, pillar of the community and pride of administrators everywhere!

        1. jmch Silver badge

          Re: I'd bet good money he was also a pain in the ass to work for.

          Indeed, they were all unfortunate industrial accidents!

        2. An_Old_Dog Silver badge

          Re: I'd bet good money he was also a pain in the ass to work for.

          There have never been any evidence of wrongdoing strong, unambiguous, prosecutable evidence of wrongdoing from this upstanding member of society, ...

          FTFY.

        3. Mike007 Silver badge

          Re: I'd bet good money he was also a pain in the ass to work for.

          The HR director, however, appears to have been googling "how to get away with murder" according to the logs.

      2. Not Yb Bronze badge

        Re: I'd bet good money he was also a pain in the ass to work for.

        If you watch the show, Gomer Pyle was actually a pretty good soldier, and most definitely would not have broken something on purpose. Now, breaking something by stupidity, sure, he'd do that if it was funny.

        Also, the actor was a very good singer.

    2. This post has been deleted by its author

  2. Anonymous Coward
    Anonymous Coward

    The three rules of effective revenge

    1. Was it impactful?

    2. Did you profit handsomely from it?

    3. Are you already on the plane to Rio?

    1. jmch Silver badge
      Devil

      Re: The three rules of effective revenge

      3. Are you already on the plane to Rio the Maldives?

      https://worldpopulationreview.com/country-rankings/countries-without-extradition

      1. An_Old_Dog Silver badge

        Re: The three rules of effective revenge

        Make sure it's a non-stop flight. A friend of mine had worked as a police officer and was involved in the detainment, arrest, and extradition of some poor sod illegally fleeing his dictator-controlled, third-world, hellhole of a home country. The sod wasn't even trying to enter our country; his flight simply had a layover here. Someone -- possibly racist -- triggered on his physical features, called security, official questions were asked, documents were produced which weren't quite up-to-snuff, he was detained for further investigation, then arrested, held for deportation, and eventually returned to his home country, where he was undoubtedly tortured to death, because that's the sort of "government" they have.

        My friend went on a multi-day bender, then resigned his position. And that's one reason why he's my friend.

      2. rcxb Silver badge

        Re: The three rules of effective revenge

        https://worldpopulationreview.com/country-rankings/countries-without-extradition

        "France Has Extradition with US"

        Someone better tell Roman Polanski

  3. nintendoeats

    Home confinement, except as needed for employment. Employment by whom I cannot imagine.

    1. Anonymous Coward
      Anonymous Coward

      Municipal dump?

      I wouldn't trust this chap with anything more technical than a broom now.

  4. An_Old_Dog Silver badge
    Facepalm

    NerdRageQuit

    His plan was poorly (if-at-all) thought out. Police-thinking: "Who could possibly have done this, and had motive to do so? Oh, the head of the school's IT who was just fired? Let's start by looking at him."

    1. David 132 Silver badge
      Happy

      Re: NerdRageQuit

      Apart from just a few minor details - such as timing, motive, alibi, and execution - it was pretty much the perfect crime, right?

      1. Mayday
        Facepalm

        Re: NerdRageQuit

        Indeed. I do wonder why someone with half a brain would think they could actually get away with it.

        Hmmm... I think I just addressed my own statement.

        1. david 12 Silver badge

          Re: NerdRageQuit

          "who would think they would get away with it"

          Policing is more effective than punishment for that reason, but neither address the problem of crimes committed by people who are self destructive -- "I'll commit this crime because I'm worthless and I hate myself"

        2. short a sandwich

          Re: NerdRageQuit

          Would have got away with it too, except for those nosey kids!

        3. Mark 85

          Re: NerdRageQuit

          ndeed. I do wonder why someone with half a brain would think they could actually get away with it.

          Hmmm... I think I just addressed my own statement.

          Seems that one thing all criminals have in common is less than half their brain cells are working and they think they can get away with it.

          1. W.S.Gosset Silver badge

            Re: NerdRageQuit

            >one thing all criminals have in common

            All criminals that we becomeaware of...

    2. Joe W Silver badge

      Re: NerdRageQuit

      Also quite a d'oh moment for the IT department of that school. Why is their account still active after they had stopped being employed? No, I do not blame the victim, but that was a stupid thing to have happened. If you sack somebody you need to disable their f'ing accounts... Jeesh!

      Still, not a cool move.

      And the bofh would not have been sacked, and not found out. Instead it would have been pinned on the head of systems, helpdesk and IT.

      1. Anonymous Coward Silver badge
        Holmes

        Re: NerdRageQuit

        Doesn't every BOFH have spare accounts that they've created and not documented ready for such an occasion?

        Obviously it's in case my primary account gets corrupt in some way, not intended to wreak havoc anywhere.

        1. chivo243 Silver badge
          Devil

          Re: NerdRageQuit

          Yes, yes we do…. I’ll have to ask a former colleague if anyone has questioned the existence of a certain account….should be good for a few laughs.

        2. emfiliane

          Re: NerdRageQuit

          This might sound painfully cringe but I logged into a few service accounts I knew by heart a few times after my termination from one job, just to make sure than the factory systems I'd set up were still running smoothly and nothing had broken down from a cock-up since. All was good, so I signed off those for good.

        3. An_Old_Dog Silver badge

          Re: NerdRageQuit

          Re spare accounts:

          1. Doesn't the head of computer security have independent-of-BOFH programs which scan for and report the existence of root-equivalent and administrator-equivalent accounts?

          2. Doesn't every BOFH have at least one piece of software they've modified and installed from source which (a) has legitimate need for root/administrator-equivalent privileges, and, (b) when presented with certain magical inputs and the appropriate passphrase, gives the user a root/administrator-level shell prompt?

      2. Pascal Monett Silver badge

        Re: NerdRageQuit

        There's nothing in the article that says that he no longer had access after he was fired.

        It's a university. Those things are not exactly renowned for having proper firing procedures, let alone IT procedures. I'm guessing he got called to the Head Office (or whatever equivalent), got told he was fired, and got sent back to his desk to clean up by himself and let himself out.

        Yes, he's a blithering idiot and yes, he will never get work as an IT admin again. Way to capitalize on your diplomas. But there is nothing that says that he went home and wreaked havoc from there - although there's a 99% chance that the uni would not have had the administrative time to lock his account before that since unis are serially incompetent in everything IT.

        So yeah, he was an idiot, but if the uni had handled the situation with proper oversight, it wouldn't have happened. The uni paid the price in inconvenience. The idiot will pay the price in a McDonalds kitchen.

        Fitting for all, I say.

        1. disgruntled yank Silver badge

          Re: NerdRageQuit

          In the US vocational-technical high school is a step down from a university. In fact, in the old days most of the students at such a school would not have been expected to attend a university--the instruction focused on trades, not on college preparation.

          Having said that, US school districts often have IT departments that manage the systems of several or many schools. Whether that is the arrangement in Haverhill, Massachusetts, I don't know

      3. Orv Silver badge

        Re: NerdRageQuit

        You're assuming they had an IT department other than this one guy.

    3. Not Yb Bronze badge

      Re: NerdRageQuit

      I found a somewhat useful definition recently.

      Criminology is the study of criminals who got caught.

    4. DuncanLarge

      Re: NerdRageQuit

      Exactly, any idiot would surely know that you should write a script to go off a few years AFTER you were chucked out. :D

  5. Ace2 Silver badge

    “IRL BOFH”

    You mean the rest of BOFH isn’t IRL?

    1. Bebu
      Headmaster

      Re: “IRL BOFH”

      Really getting old. Had to google IRL - I thought it had something to do with ham radio and some internet relay service.

      In Real Life.

      The BOFH is some sort of Platonic ideal from which real (IRL) BOFHs emanate.

      In this case the image was severely distorted.

  6. Michael H.F. Wilkinson Silver badge

    Rather amateurish wannabe BOFH

    The real BOFH knows so much better how to create real mayhem and get away with the sabotage, even when he is still in the building, as witnessed when he used his ether-killer.

    1. Korev Silver badge
      Flame

      Re: Rather amateurish wannabe BOFH

      I'm pretty sure you used to be able to buy your own Etherkiller T shirt from El Reg, via NTK if memory serves...

    2. bemusedHorseman
      Mushroom

      Re: Rather amateurish wannabe BOFH

      "The 31 hefty nicad batteries that make up almost the entire inside of my "laptop" pour grunt into a tripling inverter which in turn supplies RICH, CHUNKY VOLTS to alternate pins on the "SCSI" bus, whilst emitting a dull "uuurk" sound."

      Ah, quintessential BOFH right here. Does this mean he invented the concept that would later become the "USB Killer"?

  7. Jamesit

    First revoke privileges then fire. Why would somebody do this? It's going to be hard for him to get a job after this. I guess he wants to ask if you would like fries with that?

    1. Doctor Syntax Silver badge

      Would you really trust him with hot fat?

    2. Pascal Monett Silver badge
      Trollface

      He was IT Admin. What makes you think he wants to deal with customers ?

      At best, he'll be cooking the fries.

    3. bemusedHorseman

      Correct. If things are done properly, the ex-admin should first learn of their firing by discovering their creds no longer work. Only once this has happened, do you take them to HR to make it official.

      1. Kernel

        "the ex-admin should first learn of their firing by discovering their creds no longer work."

        Ah, constructive dismissal - cue compensation for loss of dignity, lost income, etc., paid by the employer to the ex-admin, not to mention the possibility of an order to reinstate employment.

        In many countries there are very specific processes that need to be followed to dismiss someone - calling them into the office and telling them they are fired doesn't cut it except in very exceptional circumstances.

  8. WanderingHaggis
    Pirate

    What was the reason for him being sacked

    If he was sacked there must have been something already going on so why wasn't he locked out first? Basic opsec. As suggested he might have had a back door -- audits may have been his responsibility so he can hide but still... The guy needed to go so check that your car isn't beneath the chosen window.

  9. Mike 137 Silver badge

    After losing his job?

    "After losing his job, LaHiff allegedly used his administrative privileges to wreak havoc on the school's IT network

    Once again an organisation succumbs to poor management policy. Privileges should be removed before the dismissed party leaves the premises for the last time and they should be closely supervised from the moment the decision is imparted to the moment they depart.

    1. imanidiot Silver badge

      Re: After losing his job?

      He was employed by a school. No offense to all school/education IT workers but I wouldn't imagine it to be a bastion of highly competent IT people. There's a good chance he was one of the few there who actually knew his RJ45s from his RJ11s

  10. Anonymous IV
    Facepalm

    Dontcha love the US court system?

    Where someone gets charged with a whole heap of crimes, but plea bargains them all down to a single charge of littering...

    1. Ashentaine

      Re: Dontcha love the US court system?

      Though in this case his professional reputation is completely ruined, and even in a non-technical position potential employers are going to be putting him at the back of the hiring line because they're not going to trust anyone who willingly destroys property. That's going to be far more punishing in the long run than a stint in a minimum security jail cell.

    2. chivo243 Silver badge

      Re: Dontcha love the US court system?

      We used to call it a horn blowing incident…

    3. NoneSuch Silver badge
      Mushroom

      Re: Dontcha love the US court system?

      "Where someone gets charged with a whole heap of crimes, but plea bargains them all down to a single charge of littering..."

      The typical scenario in the US is charging someone innocent with drug possession, threatening months of incarceration, legal bills and severe jail time, then good cop says, just plead guilty to these minor charges and we let you go. Boom, innocent person now has criminal drug convictions on record and the cops pat themselves on the back for another uptick in their conviction stats.

      1. Helcat Silver badge

        Re: Dontcha love the US court system?

        Yup - that's always the fear with these stories: His plea deal could be the result of being bullied into it through threats of 'We've proof it was you, so just go easy on yourself and admit it'.

        That approach casts some doubt as to if the person was ever guilty. All it does tell us is they (the police/prosecutors) didn't have a solid case.

        Doesn't mean he was innocent - he might have known his goose was cooked and saw the plea deal as his best hope of getting off lightly. But it also raises the spectre of him being innocent and some other actor was behind the mischief - or perhaps it was pure incompetence.

        Either way, the best option is always to ensure that the person leaving has had their accounts/access/privileges revoked before they're walked out of the building - best for the employer, and the employee, simply because it helps to protect both - removes temptation from him, and gives him a damn good alibi should something like this happen. Of course, should there be someone else who was planning on such mischief... not revoking his access would give them the perfect scape goat.

    4. Mark 85
      Coat

      Re: Dontcha love the US court system?

      Where someone gets charged with a whole heap of crimes, but plea bargains them all down to a single charge of littering...

      I guess they forgot to add the charge of "and being a public nuisance". Hmm.... showing my age. I'll get my coar.

      1. An_Old_Dog Silver badge

        Alice's Restaurant Massacree

        I love that song. I first heard it on a friend's phonograph player.

    5. martinusher Silver badge

      Re: Dontcha love the US court system?

      The idea of 'taking into consideration' isn't known here.(US)

  11. chivo243 Silver badge
    Angel

    Loopy

    Just fiddle with a few cables here and there, a couple of loops, hard to prove who moved a couple of cables… it’s an imperfect world, sir, screws fall out all the time…

    -John Bender

  12. Blackjack Silver badge

    Next time just set Windows to update during working hours, will be quite hard to get jail time for that.

    1. ecofeco Silver badge
      Pint

      Right? This is how it's done. Do nothing and let the system eat itself.

      Have one on me. You are obviously a true pro and veteran. ----------------------------->>>>>>>>

  13. John Savard

    Slap On The Wrist

    The penalties, in my mind, are not sufficient to achieve the goal of ensuring that this is the last time that anyone ever will try something like this, after seeing what happened to him for doing it.

    Therefore, innocent people will continue to be forced to go to effort and expense to lock out fired employees from their computer systems.

    And I note that he was charged with causing damage to a "protected" computer system. Instead, the law should give equally severe penalties to people who tamper with any computer system, such as your home computer and mine.

    Of course, legal penalties for hacking that inspire terror only work against miscreants not working from within unfriendly nations not subject to regime change, such as Russia and China with their nuclear weapons. So we also need operating systems like Windows and OS X to be made secure.

    1. gnasher729 Silver badge

      Re: Slap On The Wrist

      No punishment for this guy will prevent further cases. Because whoever does that kind of thing is an idiot who doesn’t think about the consequences.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like