Rogue IT admin goes off the rails, shuts down Canadian train switches

Grouchy Grupe gets a year and a day behind bars after going loco on network hardware


A former IT administrator at the Canadian Pacific Railway has been jailed for 366 days for sabotaging the organization's computer network.

Christopher Victor Grupe, 46, had a rocky relationship with his employers: in December 2015, he was suspended for 12 days for insubordination and just not making the grade as a sysadmin. After sitting on the naughty step, he returned to the office on December 15 to be told he was being let go, and this got him rather fired up.

Grupe, who worked at the railway's US headquarters in Minneapolis, convinced his bosses to let him quit rather than sacking him. The company acquiesced, and Grupe walked out after signing a resignation letter. He also agreed to return his laptop, remote access authentication token, and access badges.

On December 17, Grupe choo-choo-chose to take a walk on the other side of the tracks, and got up to mischief. Specifically, he used his work notebook and credentials to log into CPR's computer network switches, and began to let off some steam.

boot

Yee-hacked! Fired Texan sysadmin goes rogue, trashes boot business

READ MORE

Grupe removed administrator-level accounts, deleted certain key files, and changed the passwords for other accounts on the networking hardware, a US district court jury in Minnesota heard.

He then wiped the laptop he used to sideline the switches, destroyed all and any logs in an attempt to cover his tracks, and handed back the computer.

On January 5, the network hit the buffers. IT staff at CPR tried to log into the switches, and found they were locked out. According to court documents [PDF] parts of the system went down, and staff had to force reboot, and presumably factory reset, all the switches to regain access to the equipment.

Management blew its stack, and called in computer forensics experts. Two days later, the infosec bods signaled that they had found signs of Grupe's meddling in the switches' memory storage. This, and evidence gleaned from the rogue employee's laptop, was enough for the police to be called.

After reviewing the evidence, the cops charged Grupe with one count of intentional damage to a protected computer. A jury found him guilty after a five-day trial in October last year, and on Tuesday this week, US District Judge Patrick Schiltz gave him a ticket to a year-long stay at the big house. ®


Keep Reading

Huawei invokes 140-year-old law at England's High Court in latest bid to thwart CFO's US-Canada extradition

Lawyers say they need HSBC UK Powerpoint slides to undo Uncle Sam's case against Meng Wanzhou

Don't scrape the faces of our citizens for recognition, Canada tells Clearview AI – delete those images

Plus: Check if your Flickr photos are in facial recognition engines and and the list of NSFW words for AI

UK, Canada could rethink the whole 'ban Huawei' thing post-Trump, whispers Huawei

Analysis Veep needles British government: Without us, you'll 'widen the north-south digital divide'

When it comes to taxing tech giants, America is out, France is in, Canada and Indonesia are going their own way

With Trump on the way out, 2021 is going to be digital levy a-go-go time

No more Genius Bar bottlenecks for you, Mr Customer? Apple exports independent repair provider program to Europe and Canada

iPhone right-to-repair movements blows in from US

Owner of Smuggler's Inn B&B ordered to put up a sign warning guests not to cross into Canada

A subtle rebranding exercise might be needed

Canada's .ca overlord rolls out free privacy-protecting DNS-over-HTTPS service for folks in Great White North

L’ACEI lance le Bouclier canadien dans le but de protéger gratuitement la vie privée et la sécurité des Canadiens en ligne

FYI Russia is totally hacking the West's labs in search of COVID-19 vaccine files, say UK, US, Canada cyber-spies

'Completely unacceptable' spouts British Foreign Secretary

Biting the hand that feeds IT © 1998–2021