Terry Childs found guilty of computer tampering

April 27, 2010 5:46:05 PM PDT
A San Francisco jury today convicted former city of San Francisco network engineer Terry Childs of felony computer tampering for withholding passwords to the city's main computer network in 2008.

After nearly three days of deliberation, the jury this afternoon found Childs -- who had worked for the Department of Technology since 2003 and built the network -- guilty of one felony count of computer tampering with an allegation that the losses from the crime exceeded $200,000.

Childs, 45, who has been jailed since July 2008, now faces a prison sentence of two to five years, prosecutor Conrad Del Rosario said.

Del Rosario argued during the four-month-long trial that Childs intentionally refused to give the passwords to the FiberWAN network, which handles computer traffic for about 60 percent of the city's departments, to his supervisors and to police.

Childs reportedly had a fractious relationship with some of his coworkers, attorneys on both sides said. He testified at trial that he never intended to harm the network but said that other employees, including his supervisors, were not qualified to have the passwords.

Childs claimed he was merely following established industry guidelines for password protection.

"You do not ever give up your username and password," Childs said.

City officials worried at the time of Childs' arrest that he could have installed "traps" on the network that would shut the city down during a power outage. The city was locked out of the network for 12 days, but no harm ever became of the system.

Childs agreed to give the passwords to Mayor Gavin Newsom while in jail on July 21, 2008.

Newsom testified earlier in the trial that he "had grave concern that the system was being put in peril," and concluded during his meeting with Childs that Childs did not trust anyone in the department.

"I can't tell you what I think he was doing," Del Rosario said after the verdict today. "I can only say that with his walking away with the passwords, the network was at risk. I can't say what was in his mind."

The city has spent nearly $1 million in efforts to regain control of the network and conduct vulnerability testing, according to Del Rosario.

Prosecutors initially charged Childs with four counts of computer tampering, but a judge in 2009 threw out three of the counts.

Childs' attorney Richard Shikman said he was disappointed by the verdict.

"To me, crimes are acts of moral turpitude, where there's an element of venality to criminal behavior," he said. "I just didn't see it in this case."

One juror, Jason Chilton, also a network engineer, said the law Childs was accused of breaking -- knowingly disrupting computer services or denying those services to an authorized user -- is "very specific," and though no services were actually disrupted, "he denied that access."

Chilton, however, said Childs' supervisors at the Department of Technology were also to blame. He said they "did everything wrong that they possibly could," citing "ineffective management and no formalized policies and procedures" for dealing with employees in such situations.

"If the city were on trial, they'd probably be guilty of a lot of stuff too," Chilton said.

Ultimately, Chilton said, Childs "didn't follow the law, which was the basic thing that it came down to."

Of the network engineer code about not giving up your passwords, Chilton said, "Your own passwords, yes, but you don't deny access to someone who's authorized."

Another juror, Amy Heine, said Childs seemed both egotistical and "paranoid."

"He was intelligent enough to know what he was doing, was heading in a very dangerous direction," she said.

Childs is scheduled to be sentenced June 14.


Load Comments