Former IT Director Gets Jail Time For Selling Government's Cisco Gear On eBay (zdnet.com) 66
An anonymous reader quotes a report from ZDNet: A South Carolina man was sentenced this week to two years in federal prison for taking government-owned networking equipment and selling it on eBay. The man, Terry Shawn Petrill, 48, of Myrtle Beach, worked as the IT Security Director for Horry County in South Carolina, the Department of Justice said in a press release on Tuesday. According to court documents, "beginning on June 11, 2015, through August 23, 2018, Petrill ordered forty-one Cisco 3850 switches that were to be installed on the Horry County network."
US authorities said that through the years, when the switches would arrive, Petrill would take custody of the devices and tell fellow IT staffers that he would handle the installation alone. However, investigators said that "Petrill did not install the switches on the network and instead sold them to third parties and kept the proceeds for himself." FBI agents who investigated the case said they tracked nine of the 41 missing Cisco switches to ads on eBay, while the location of the rest remains unknown. Nonetheless, this was enough to file charges against Petrill, which authorities arrested and indicted in November 2019. Besides prison time, Petrill was also ordered to pay restitution in the amount of $345,265.57 to the Horry County Government.
US authorities said that through the years, when the switches would arrive, Petrill would take custody of the devices and tell fellow IT staffers that he would handle the installation alone. However, investigators said that "Petrill did not install the switches on the network and instead sold them to third parties and kept the proceeds for himself." FBI agents who investigated the case said they tracked nine of the 41 missing Cisco switches to ads on eBay, while the location of the rest remains unknown. Nonetheless, this was enough to file charges against Petrill, which authorities arrested and indicted in November 2019. Besides prison time, Petrill was also ordered to pay restitution in the amount of $345,265.57 to the Horry County Government.
Cisco $$$ (Score:1)
Damn Cisco switches are expensive!
Re: (Score:2)
Re: (Score:2)
Re: Cisco $$$ (Score:2)
Yep, that's pretty much stealing (Score:5, Insightful)
Re: Yep, that's pretty much stealing (Score:3)
What shocks me is how brazen he was. I mean signing purchase orders and insisting to handle the installations themselves, wouldn't it just be an eventuality before this caught up with him? And 41 devices at that?
This guy was no criminal mastermind. But 41 devices... something tells me he might have thought he'd get away with it.
Re: (Score:3)
I'm surprised the other technology employees never noticed that the switches never got changed out or added.
Re: (Score:2)
His boss.
Re: (Score:2)
Perhaps the switches were the same model that was already in the wiring closet - if you're replacing switches with the same model, they can look the same so no one's the wiser. As for why they're replaced, who knows. Blown ports perhaps
Re: (Score:2)
Perhaps they where supposed to be upgraded capacity, faster uplinks (10 Gig), gig-distribution ports. In which case the old 2900s will still work just fine, until somebody starts trying to stream Netflix on too many screens or the access to the Porn stash on the government run server access gets too slow.
Re: Yep, that's pretty much stealing (Score:4, Insightful)
At a guess quite a few must have known what was going on and got a piece of the action, one them wanted a larger piece and went for the naughty fellows job.
Now looking at EBay itself, talk about a law enforcement data mine, just process the data of everything up for sale, look for low count, high price items and then calculate the probability outcome of that person coming by that device legitimately, especially repeat sales, after a few of flags get lit up for repeat sales, start an investigation.
Now the real tough question, is EBay consciously aiding and abetting the selling of illegally obtained items upon a mass scale and what legally needs to be done to stop this. EBay should pay a penalty for every illegal obtained item sold on EBay, considering the scale of the crime they are actively facilitating. EBay the planets fence for stolen items, that shite needs to stop.
How the fuck does Ebay get away with keeping it's piece of the action of stolen goods. Why the fuck did the government not go back to EBay and say, you fuckers that percentage you took, you owe it to us, plus penalties and plus interests (they were receiving proceeds from stolen goods they did not bother to properly vet before aiding the illegal transaction.
Every time EBay gets caught in fencing stolen goods, they should pay back their percentage of the take at the very least and also they should pay a penalty for allowing a criminal transaction. Makes it difficult for them to do business, so fucking what, how about the victims of all the stolen shit EBay sells and their difficulties whilst EBay criminally takes a percentage of stolen goods.
Dozy government, why the fuck have you not recovered the 10% EBay stole for allowing the sale of stolen goods, why the fucking hell do Ebay get to keep it without any penalty, mind you something like $34,500 easy stolen money for EBay, wait it's not, they have to pay it back, dozy fucking government.
Re: (Score:2)
Brazen is not the word that comes to mind. Stupid I think is the proper word.
Re: Yep, that's pretty much stealing (Score:5, Funny)
This guy was no criminal mastermind. But 41 devices... something tells me he might have thought he'd get away with it.
"Attention everyone. We'll have a brief outage tonight at 8:00 as I put the new switch into production. It should take no more than 5 minutes"
Later that night
telnet 10.45.238.254
login as: eatmyshorts
user: eatmyshorts
password: *
# enable
# configure terminal
(config)# interface FastEthernet 0/1
(config-subif)# shutdown
(config-subif)# end
# write
Takes a piss and grabs a beer
# configure terminal
(config)# interface FastEthernet 0/1
(config-subif)# no shutdown
(config-subif)# end
# write
#
Disclaimer: I do not know how to configure a CISCO switch, so take my commands with a grain of salt.
Yes, he had telnet enabled. Yes, he had a 1 character password.
Re: (Score:3)
3850 is a fairly high end L3 switch. Stackable and with lots of modules available for 10G and 40G fiber. It's not something end users will plug into, more likely used for distribution to other switches, or maybe busy servers.
Props to Horry County if they have enough failover robustness in their network that "swapping" one of these is something that would not be noticed by a lot of people.
Re: (Score:2)
When our network group has to replace switches it does so either over a weekend or after hours. In the case of after hours, the new switches are already configured and installed. It's just a matter of plugging them in and verifying everything is working. These are switches at one site only.
We have several thousand users who are notified in advance when the replacement will take place and as far as I know, no one has complained about lack of robustness. Even though this criminal was an idiot, if he used
Re: (Score:2)
When our network group has to replace switches it does so either over a weekend or after hours. In the case of after hours, the new switches are already configured and installed. It's just a matter of plugging them in and verifying everything is working. These are switches at one site only.
We have several thousand users who are notified in advance when the replacement will take place and as far as I know, no one has complained about lack of robustness. Even though this criminal was an idiot, if he used a similar process, it's doubtful anyone noticed anything.
Sure. It's a bit of a difference between telling your co-workers "no worries I'll just will replace it" and having a change control event potentially affecting thousands of users. I use the same process as you, except it's pretty much guaranteed there will be something behind that 3850 that is more than 5x9 weekdays and someone is likely to notice. I wish I could do it so nobody noticed. Would save a lot of bureaucracy.
Re: (Score:2)
Woosh
Hey the Internet is down, no, wait, it's back up again.....
Re: (Score:2)
3850 is a fairly high end L3 switch. Stackable and with lots of modules available for 10G and 40G fiber. It's not something end users will plug into...
Says you. I happen to find one for a steal on eBay...
Re: Yep, that's pretty much stealing (Score:2)
Ive heard of worse. Before the days of ebay, a security company got busted ripping off the us postal offices. The guy would buy the cctv equipment and cameras, and then later just before installation they would get /stolen/ from the storage room onsite. The us postal inspectors started investigating and realized that the us government had bought the same cameras more than once for different installations. Literally the same cameras, as the serial numbers on the purchase orders were the same. So they setup a
Re: (Score:2)
Re: (Score:2)
Well, it's generally not allowed at all - it's company owned property.
Though given taxpayers paid for it, most governments have their own auction site for surplus goods where they often sell these things. Taxpayers (you and I) paid for it, so it's really not fair to have someone else benefit, so the surplus sites are set up to recover what
Re: (Score:2)
Yes - as an employee at a similar sized county government as Horry, I can say we have a "surplus sale" where essentially anything that was expensive enough to have an asset tag will be sold at the end of its service life. Computers, switches, office furniture, etc. Some of it is just older and works fine - some of it has been used very hard for many years and would truly be better off disposed of but policies require it to go to the surplus sale.
Even our vehicles go to surplus (through a slightly different
Re: (Score:2)
even for $300-400 not a whole lot of people want a 10 year old Crown Victoria with 300k-400k miles on it and an interior that had a whole bunch of police equipment once mounted but now ripped out.
Jake and Elwood might disagree
Government Pay (Score:2)
Apparently, the SC doesn't pay its 'IT Security Director' enough. Hey blackhats, you can easily buy government IT security guys in SC.
Re: (Score:3)
Re: (Score:2)
Fair enough. Still makes my point that you can buy one and get things done. I find it sad that a security director is so unscrupulous.
I've been in the industry at least as long as you and most of the folks I've known along the way are honest.
Re: (Score:2)
Re: Government Pay (Score:3)
He should have purchased counterfeit cisco gear on ebay and sold the originals. People do not go looking for serial numbers until they notice things missing.
Uh oh (Score:2)
Since these are probably very trackable by serial number, doesn't that mean they can be seized as stolen property -- like, out of the buyer's data closet?
Re: (Score:2)
Re: (Score:2)
Re: Uh oh (Score:2)
Its not like the cisco gear on ebay lists their serial numbers. Either A) he screwed up and did not blurr out his report of # show ver
Or B) he did not blurr out the serial numbers of the pics he took. He should have used stock photos.
Besides its not the hardware that makes these things expensive as it is the software. Without a smart-net contract on the unit, you cannot download firmware. And that smart-net is only extended to the first buyer, not used gear, and it costs annually to maintain.
Re: (Score:2)
Immoral, since you end up with a device full of security holes that you can't patch. Firmware updates should be free to anyone who owns the hardware.
Re: (Score:2)
Cisco is basically a protection racket.
Money used for??? (Score:2)
Re:Money used for??? (Score:4, Funny)
I would guess hookers and blow...
Maybe, but he might have wasted it.
Re:Money used for??? (Score:4, Funny)
have you seen the hookers in South Carolina?
Re: (Score:2)
I've only been in SC once... I cannot say I noticed anything I would have considered even a marginally viable approximation of a hooker, but I wasn't there looking for them either. HOWEVER, based on the generally available base population from which hookers have traditionally come, I'm pretty sure they wouldn't be anything to look at...
Re: Money used for??? (Score:2)
You forgot bike week there.
So That's Why... (Score:2)
So that's why my switch was so cheap. :-D
Just kidding. Mine's an SG200. And holy crap, those things have come down in price since I bought it....
Re: (Score:1)
If you can negotiate well with Cisco, then you can get things a lot cheaper than what they usually charge. On an order of magnitude sometimes.
All they are is ARM processors and Broadcom chipsets purchased from a few Chinese vendors. Cumulus demonstrates their OS running on some of these switches, the Huawei knockoffs, the HP and even though some Cisco gear that was never intended to run a third party OS.
Re: (Score:2)
Re: So That's Why... (Score:2)
When cisco aquired linksys, I had some idiot try to tell me it meant linksys was going to get really good. I tried to explain that if BMW were to acquire Yugo, it in no way means you are getting BMW luxury and performance at Yugo pricing. It just means BMW wants to make more money by selling shit cars to poor people.
Re: (Score:2)
''it in no way means you are getting BMW luxury and performance at Yugo pricing.''
What is actually meant is that you got a Fiat built in Yugoslavia with even a lower build quality and dependability than even a branded Fiat. Amazing they even were able to test dive them before they broke.
Re: (Score:3)
You bought the cheap cisco that is based on the linksys tech they scraped off the top before dumping the rest on... belkin I think.
I'm pretty sure you're thinking of the SG200-08, which I think actually *was* a rebadged Linksys switch. The bigger versions in that line (e.g. the SG200-26) are unrelated hardware, and are somewhere in between. It was designed by a different team (and runs an entirely different OS) than the bigger switches, but I don't think the Linksys team had anything to do with it.
I hate them since they have no cli and sometimes are a pain in the ass to get vlans set up right.
Having never used any other Cisco gear, I have nothing to compare it with, but VLANs didn't seem that hard to me. The UI is kind of wonky
Re: (Score:2)
what federal crime? (Score:3)
grand larceny? (Score:2)
grand larceny?
Re: (Score:2)
Re: (Score:2)
Probably due to the dollar amount of stolen goods. Possibly also for dealing stolen goods across state lines.
Re: (Score:2)
Re: (Score:3)
According to the court document linked in the summary, he was convicted of 'theft of federal program funds'. So I guess the county got federal money to buy the switches he stole.
Fit and Finish (Score:2)
Re: (Score:2)
I'm just glad they are replacing that horrible Cisco green color with a more neutral gray.
Re: Fit and Finish (Score:2)
What do you expect from a couple founders from San Francisco? His wife worked at Berkley when he made the first bridge didnt she?
$250/mo repayment (Score:2)
Am I reading that right? He will pay it back at the rate of $250/mo (for the rest of his life). A cheap loan, but not worth the prison time.
Re: (Score:2)
Am I reading that right? He will pay it back at the rate of $250/mo (for the rest of his life). A cheap loan, but not worth the prison time.
If I'm reading it right the forfeiture order is separate and the government takes the profits of crime off him immediately and then he pays compensation from the money he doesn't have any more.