Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Crime Government IT Technology

Former IT Director Gets Jail Time For Selling Government's Cisco Gear On eBay (zdnet.com) 66

An anonymous reader quotes a report from ZDNet: A South Carolina man was sentenced this week to two years in federal prison for taking government-owned networking equipment and selling it on eBay. The man, Terry Shawn Petrill, 48, of Myrtle Beach, worked as the IT Security Director for Horry County in South Carolina, the Department of Justice said in a press release on Tuesday. According to court documents, "beginning on June 11, 2015, through August 23, 2018, Petrill ordered forty-one Cisco 3850 switches that were to be installed on the Horry County network."

US authorities said that through the years, when the switches would arrive, Petrill would take custody of the devices and tell fellow IT staffers that he would handle the installation alone. However, investigators said that "Petrill did not install the switches on the network and instead sold them to third parties and kept the proceeds for himself." FBI agents who investigated the case said they tracked nine of the 41 missing Cisco switches to ads on eBay, while the location of the rest remains unknown. Nonetheless, this was enough to file charges against Petrill, which authorities arrested and indicted in November 2019. Besides prison time, Petrill was also ordered to pay restitution in the amount of $345,265.57 to the Horry County Government.

This discussion has been archived. No new comments can be posted.

Former IT Director Gets Jail Time For Selling Government's Cisco Gear On eBay

Comments Filter:
  • Damn Cisco switches are expensive!

  • by chipperdog ( 169552 ) on Thursday September 03, 2020 @04:26PM (#60470724) Homepage
    That is flat out stealing. When I saw the headline, I assumed he was just selling replaced items that would otherwise go to e-waste and keeping those proceeds, which is still not allowed by most public sector employers...
    • What shocks me is how brazen he was. I mean signing purchase orders and insisting to handle the installations themselves, wouldn't it just be an eventuality before this caught up with him? And 41 devices at that?

      This guy was no criminal mastermind. But 41 devices... something tells me he might have thought he'd get away with it.

      • Not many details on how he got caught, but I'm guessing since it went on for three years, it was caught in an annual audit.

        I'm surprised the other technology employees never noticed that the switches never got changed out or added.
        • by tlhIngan ( 30335 )

          I'm surprised the other technology employees never noticed that the switches never got changed out or added.

          Perhaps the switches were the same model that was already in the wiring closet - if you're replacing switches with the same model, they can look the same so no one's the wiser. As for why they're replaced, who knows. Blown ports perhaps

          • Perhaps they where supposed to be upgraded capacity, faster uplinks (10 Gig), gig-distribution ports. In which case the old 2900s will still work just fine, until somebody starts trying to stream Netflix on too many screens or the access to the Porn stash on the government run server access gets too slow.

        • by rtb61 ( 674572 ) on Thursday September 03, 2020 @08:41PM (#60471436) Homepage

          At a guess quite a few must have known what was going on and got a piece of the action, one them wanted a larger piece and went for the naughty fellows job.

          Now looking at EBay itself, talk about a law enforcement data mine, just process the data of everything up for sale, look for low count, high price items and then calculate the probability outcome of that person coming by that device legitimately, especially repeat sales, after a few of flags get lit up for repeat sales, start an investigation.

          Now the real tough question, is EBay consciously aiding and abetting the selling of illegally obtained items upon a mass scale and what legally needs to be done to stop this. EBay should pay a penalty for every illegal obtained item sold on EBay, considering the scale of the crime they are actively facilitating. EBay the planets fence for stolen items, that shite needs to stop.

          How the fuck does Ebay get away with keeping it's piece of the action of stolen goods. Why the fuck did the government not go back to EBay and say, you fuckers that percentage you took, you owe it to us, plus penalties and plus interests (they were receiving proceeds from stolen goods they did not bother to properly vet before aiding the illegal transaction.

          Every time EBay gets caught in fencing stolen goods, they should pay back their percentage of the take at the very least and also they should pay a penalty for allowing a criminal transaction. Makes it difficult for them to do business, so fucking what, how about the victims of all the stolen shit EBay sells and their difficulties whilst EBay criminally takes a percentage of stolen goods.

          Dozy government, why the fuck have you not recovered the 10% EBay stole for allowing the sale of stolen goods, why the fucking hell do Ebay get to keep it without any penalty, mind you something like $34,500 easy stolen money for EBay, wait it's not, they have to pay it back, dozy fucking government.

      • by gtall ( 79522 )

        Brazen is not the word that comes to mind. Stupid I think is the proper word.

      • by lsllll ( 830002 ) on Thursday September 03, 2020 @05:59PM (#60470986)

        This guy was no criminal mastermind. But 41 devices... something tells me he might have thought he'd get away with it.

        "Attention everyone. We'll have a brief outage tonight at 8:00 as I put the new switch into production. It should take no more than 5 minutes"

        Later that night

        telnet 10.45.238.254
        login as: eatmyshorts

        user: eatmyshorts
        password: *

        # enable
        # configure terminal
        (config)# interface FastEthernet 0/1
        (config-subif)# shutdown
        (config-subif)# end
        # write

        Takes a piss and grabs a beer

        # configure terminal
        (config)# interface FastEthernet 0/1
        (config-subif)# no shutdown
        (config-subif)# end
        # write
        #

        Disclaimer: I do not know how to configure a CISCO switch, so take my commands with a grain of salt.

        Yes, he had telnet enabled. Yes, he had a 1 character password.

        • 3850 is a fairly high end L3 switch. Stackable and with lots of modules available for 10G and 40G fiber. It's not something end users will plug into, more likely used for distribution to other switches, or maybe busy servers.

          Props to Horry County if they have enough failover robustness in their network that "swapping" one of these is something that would not be noticed by a lot of people.

          • When our network group has to replace switches it does so either over a weekend or after hours. In the case of after hours, the new switches are already configured and installed. It's just a matter of plugging them in and verifying everything is working. These are switches at one site only.

            We have several thousand users who are notified in advance when the replacement will take place and as far as I know, no one has complained about lack of robustness. Even though this criminal was an idiot, if he used

            • When our network group has to replace switches it does so either over a weekend or after hours. In the case of after hours, the new switches are already configured and installed. It's just a matter of plugging them in and verifying everything is working. These are switches at one site only.

              We have several thousand users who are notified in advance when the replacement will take place and as far as I know, no one has complained about lack of robustness. Even though this criminal was an idiot, if he used a similar process, it's doubtful anyone noticed anything.

              Sure. It's a bit of a difference between telling your co-workers "no worries I'll just will replace it" and having a change control event potentially affecting thousands of users. I use the same process as you, except it's pretty much guaranteed there will be something behind that 3850 that is more than 5x9 weekdays and someone is likely to notice. I wish I could do it so nobody noticed. Would save a lot of bureaucracy.

          • 3850 is a fairly high end L3 switch. Stackable and with lots of modules available for 10G and 40G fiber. It's not something end users will plug into...

            Says you. I happen to find one for a steal on eBay...

      • Ive heard of worse. Before the days of ebay, a security company got busted ripping off the us postal offices. The guy would buy the cctv equipment and cameras, and then later just before installation they would get /stolen/ from the storage room onsite. The us postal inspectors started investigating and realized that the us government had bought the same cameras more than once for different installations. Literally the same cameras, as the serial numbers on the purchase orders were the same. So they setup a

      • He would have, if it wasn't for those meddling kids...
    • by tlhIngan ( 30335 )

      I assumed he was just selling replaced items that would otherwise go to e-waste and keeping those proceeds, which is still not allowed by most public sector employers...

      Well, it's generally not allowed at all - it's company owned property.

      Though given taxpayers paid for it, most governments have their own auction site for surplus goods where they often sell these things. Taxpayers (you and I) paid for it, so it's really not fair to have someone else benefit, so the surplus sites are set up to recover what

      • Yes - as an employee at a similar sized county government as Horry, I can say we have a "surplus sale" where essentially anything that was expensive enough to have an asset tag will be sold at the end of its service life. Computers, switches, office furniture, etc. Some of it is just older and works fine - some of it has been used very hard for many years and would truly be better off disposed of but policies require it to go to the surplus sale.

        Even our vehicles go to surplus (through a slightly different

        • even for $300-400 not a whole lot of people want a 10 year old Crown Victoria with 300k-400k miles on it and an interior that had a whole bunch of police equipment once mounted but now ripped out.

          Jake and Elwood might disagree

  • Apparently, the SC doesn't pay its 'IT Security Director' enough. Hey blackhats, you can easily buy government IT security guys in SC.

    • Comment removed based on user account deletion
      • Fair enough. Still makes my point that you can buy one and get things done. I find it sad that a security director is so unscrupulous.

        I've been in the industry at least as long as you and most of the folks I've known along the way are honest.

    • He should have purchased counterfeit cisco gear on ebay and sold the originals. People do not go looking for serial numbers until they notice things missing.

  • Since these are probably very trackable by serial number, doesn't that mean they can be seized as stolen property -- like, out of the buyer's data closet?

    • Then the people who unknowingly bought stolen devices can go after him also for damages if their equipment is seized. Although since they likely weren't bought through a Cisco partner, they probably do not have any SmartNet or anything on them, making it a quite bit harder to find if they are on a LAN behind a firewall that strictly limits management network traffic and managed by people who don't report to Cisco.
    • by Revek ( 133289 )
      Its all eol junk now. Who ever has one will run it until they throw it away.
    • Its not like the cisco gear on ebay lists their serial numbers. Either A) he screwed up and did not blurr out his report of # show ver
      Or B) he did not blurr out the serial numbers of the pics he took. He should have used stock photos.

      Besides its not the hardware that makes these things expensive as it is the software. Without a smart-net contract on the unit, you cannot download firmware. And that smart-net is only extended to the first buyer, not used gear, and it costs annually to maintain.

      • by Bert64 ( 520050 )

        Immoral, since you end up with a device full of security holes that you can't patch. Firmware updates should be free to anyone who owns the hardware.

  • What are your bets? I would guess hookers and blow...
  • So that's why my switch was so cheap. :-D

    Just kidding. Mine's an SG200. And holy crap, those things have come down in price since I bought it....

    • by guruevi ( 827432 )

      If you can negotiate well with Cisco, then you can get things a lot cheaper than what they usually charge. On an order of magnitude sometimes.

      All they are is ARM processors and Broadcom chipsets purchased from a few Chinese vendors. Cumulus demonstrates their OS running on some of these switches, the Huawei knockoffs, the HP and even though some Cisco gear that was never intended to run a third party OS.

    • by Revek ( 133289 )
      You bought the cheap cisco that is based on the linksys tech they scraped off the top before dumping the rest on... belkin I think. I hate them since they have no cli and sometimes are a pain in the ass to get vlans set up right.
      • When cisco aquired linksys, I had some idiot try to tell me it meant linksys was going to get really good. I tried to explain that if BMW were to acquire Yugo, it in no way means you are getting BMW luxury and performance at Yugo pricing. It just means BMW wants to make more money by selling shit cars to poor people.

        • by fred911 ( 83970 )

          ''it in no way means you are getting BMW luxury and performance at Yugo pricing.''

          What is actually meant is that you got a Fiat built in Yugoslavia with even a lower build quality and dependability than even a branded Fiat. Amazing they even were able to test dive them before they broke.

      • by dgatwood ( 11270 )

        You bought the cheap cisco that is based on the linksys tech they scraped off the top before dumping the rest on... belkin I think.

        I'm pretty sure you're thinking of the SG200-08, which I think actually *was* a rebadged Linksys switch. The bigger versions in that line (e.g. the SG200-26) are unrelated hardware, and are somewhere in between. It was designed by a different team (and runs an entirely different OS) than the bigger switches, but I don't think the Linksys team had anything to do with it.

        I hate them since they have no cli and sometimes are a pain in the ass to get vlans set up right.

        Having never used any other Cisco gear, I have nothing to compare it with, but VLANs didn't seem that hard to me. The UI is kind of wonky

  • Comment removed based on user account deletion
  • by belmolis ( 702863 ) <billposer.alum@mit@edu> on Thursday September 03, 2020 @05:41PM (#60470928) Homepage
    Curiously the article never says why he was convicted of a federal crime. Theft from a county government is a state crime. I'm guessing that his selling the switches on ebay made it mail fraud and therefore federal, but it is still unclear why the federal government would concern itself with what was basically a state matter.
  • How about making them have the fit and finish of at least a $20k vehicle? The panel gaps are just about the worst from any vehicle manufacturer and the paint is horrid (unless orange-peel is what you're into straight from the factory). These issues shouldn't be present in the standard vehicle segment, much less vehicles that are running more than $100k.
  • Am I reading that right? He will pay it back at the rate of $250/mo (for the rest of his life). A cheap loan, but not worth the prison time.

    • by Shimbo ( 100005 )

      Am I reading that right? He will pay it back at the rate of $250/mo (for the rest of his life). A cheap loan, but not worth the prison time.

      If I'm reading it right the forfeiture order is separate and the government takes the profits of crime off him immediately and then he pays compensation from the money he doesn't have any more.

Whatever is not nailed down is mine. Whatever I can pry up is not nailed down. -- Collis P. Huntingdon, railroad tycoon

Working...