By now you must have heard about Terry Childs, the so-called “rogue” network administrator of the City of San Francisco. Childs is accused of four counts of tampering with a computer, which includes creating secret passwords to city network infrastructure that he will not reveal and installing software to monitor e-mail from the city managers that discussed him.
Childs has been variously characterized as crazy, looking for revenge, and even a terrorist, but as always the truth is far more complex. The best discussion of what the whole sad case is about can be found in a terrific analysis “Why San Francisco’s network admin went rogue,” by Paul Venezia.
The article illustrates that this case is a world class example of really bad IT strategizing coupled with remarkably bad management. Childs apparently took his job way too seriously — all accounts of the man say he was talented and a hard worker but also that he was arrogant, a poor communicator and poorly managed. But at the heart of it all was that the city simply had no overall security plan. Why? Well, it appears that management just didn’t care despite the fact that Childs created and put forward security plans on numerous occasions, which were all ignored.
What the City of San Francisco lacked was an overall IT strategy. What they had were a load of tactics flying in formation and it seems that Childs was all too aware that this was the case. Being the kind of guy he is it seems that Childs can to see the city network as his sole responsibility and controlling and keeping it safe some kind of prime directive and like a human Skynet he responded to perceived threats in an inappropriate and unexpected manner (on the plus side at least in this case its unlikely we’ll have to watch Keanu Reeves “act” Childs’ role).
The popular press has thrown in their two cents worth, which has illuminated the fearfulness and irrationality of both the city’s management and the public. The city seems to have been responsible for escalating the situation into a legal frenzy while citizens have responded with anger and outrage (public comments to online news items have even suggested using waterboarding to encourage Childs to reveal the passwords).
So, who is to blame for this mess? I’d suggest that it isn’t actually Childs, rather it is a management problem of such huge proportions that the mayor of San Francisco, Gavin Newsom, is to blame. If the city was a commercial corporation he’d be the CEO and when a company goofs in a really big way such that shareholder value tanks, then that’s where the buck stops.
In the case of a city, the shareholder (aka the citizens) value lies in the quality of the services provided, such as road upkeep, water delivery and treatment, and especially emergency services. Without information and communications these services are considerably diminished in value. While the San Francisco network is effectively locked up, only Childs can unlock it should anything go wrong.
Newsome’s management insight is obviously deficient when it comes to what makes his city work, which is IT. As a result the city will have to spend a millions of dollars regaining control of its network and prosecuting a poor schmo who took his job way too seriously. I wonder if Newsom will get re-elected? If he does run again will anyone bring up the crackerjack city management?
Related content:
Cybercrime inflicts city of San Francisco
San Francisco Mayor convinces Terry Childs to hand over the network passwords