IT admin gets 7 years for cleaning his company’s servers to prove a point

An outraged IT administrator, apparently aiming to prove the lack of security his employer had hitherto ignored, proceeded to delete a bunch of vital financial databases and subsequently received seven years in prison as a result. It’s what’s known in the IT trade as ‘cutting your nose to offend your face’, or inadvertently staying on a server that you know you have access to and that you’ve already complained about.

Han Bing, a database administrator at Lianjia, a Chinese real estate brokerage formerly known as Homelink, was reportedly one of five people on the security team with access to the company’s financial system databases. So when someone logged in with root access to Lianjia’s financial system and deleted the batch (by computer beeping), the company already had a handful of suspects.

Four of the five handed over their laptops and passwords immediately, while Bing refused to hand over their password, claiming it contained private information. He agreed to access the device for company investigators while he was present, and no incriminating evidence on his machine.

The company, however, claimed that the attack could be done by simply connecting to the server in a way that leaves no residual traces on the customer’s laptop.

Subsequent electronic forensic analysis of the company’s server logs, along with the use of the company’s CCTV footage, was able to link the logs held on the server to Bing’s MacBook hostname, Yggdrasil, as well as certain linked MAC and IP addresses. on your computer.

Yes, Yggdrasil. The life tree. The roots can be seen spreading across the sky in Valheim, and like that big plant glowing in Elden Ring. Everything in 2022 always seems to lead back to the Elden Ring. This whole affair is probably in the game somewhere as lore.

(Image credit: FromSoftware)

In any case, with all the evidence in hand, the Beijing Tongda Fazheng Forensic Identification Center concluded that none of the other potential suspects could be linked to the June 4, 2018 attack, and Han Bing was found guilty of damaging information on the site. computer and sentenced to seven years. in prision.

Initially, this seems a bit harsh on the guy, but he basically destroyed four different servers, salting the earth so nothing could be recovered, and bringing the company to a halt. He then had to pay around $30,000 as redress for the fact that Lianjia employees went unpaid for a long period of time.

Which is also pretty tough.

Bing’s colleagues suggested that the reasoning behind his deletion from the company’s records was due to the fact that he discovered that the security of the financial system was compromised and his concerns were ignored.

He worked with another database administrator to bring the issues to his superiors in the organization, but was apparently fired. This is claimed to have led to Bing arguing with other colleagues, and after his office was relocated, it is suggested that he no longer felt valued by the company, was “passive and slow, often late and early, and there is also the absenteeism phenomenon.” This is according to Edge’s machine translation, so make it what you will.

Maybe Bing thought he’d be rewarded for highlighting problems more obviously, or maybe he was just a grumpy, vindictive administrator in the end. Anyway, going to prison for seven years was definitely not what he intended to get out of it.

Leave a Comment