Fired IT worker arrested for "hacking" hospital network

An IT worker is accused of hacking his former employer—a Manhattan hospital. Bill Detwiler outlines fives ways IT can prevent similar incidents.

The New York Post reported Tuesday that a former IT worker from a Manhattan hospital was arrested last Friday and charged with computer trespass, unauthorized use of a computer, and fourth-degree computer tampering.

According to the article, Jason Wang "wreaked havoc with the computer system at North General Hospital in Harlem after he was fired by official there in September 2009..." The report doesn't specify what kind of "havoc" Wang is accused of wreaking, but it does indicate that authorities believe Wang used "a doctor's password and credentials to send a scathing e-mail to other hospital staffers, accusing Michele Prisco, North General's vice president and chief information officer, of being a racist."

Whether Wang is eventually convicted of these charges or not, the situation demonstrates the importance of strong internal IT security procedures.

In the October 10th, 2008 episode of TR Dojo, I discussed the following five security practices designed to prevent the situation outlined above:

  1. Follow the rule of least privilege
  2. Not all IT staff should be domain admins
  3. Monitor additions to admin-level groups
  4. Log all administrative activity
  5. Immediately revoke admin rights for terminated IT staff
IT Dojo: Five ways to keep your own IT staff from stealing company secrets High-profile breaches of private data are often the results of lost or stolen equipment, malicious hackers, or improperly disposed of storage devices. Yet, the July 2008 arrest of a network administrator who hijacked the city of San Francisco's network focused the spotlight on a potentially more dangerous threat--your own admins.<br/><br/>In this IT Dojo video, Bill Detwiler discusses five security practices that will help protect your company secrets from the very people who should be keeping them safe.<br /><br />Once you've watched this IT Dojo video, you can find a link to the original TechRepublic article and print the tip from our <a href="http://blogs.techrepublic.com.com/itdojo/?p=182">IT Dojo Blog</a>.

For additional help developing strong internal, IT security procedures, check out the following TechRepublic resources:

By Bill Detwiler

Bill Detwiler is Editor in Chief of TechRepublic and Tech Pro Research and the host of Cracking Open, CNET and TechRepublic's popular online show. Prior to joining TechRepublic in 2000, Bill was an IT manager, database administrator, and desktop supp...