Former It Manager Pleads Guilty To Attacking High School Network

December 19, 2023

School

Conor LaHiff, a former IT manager for a New Jersey public high school, has admitted to committing a cyberattack against his former employer following the termination of his employment in June 2023.

Last week, the U.S. Department of Justice (DOJ) announced that LaHiff pleaded guilty to one count of unauthorized damage to protected computers, violating the Computer Fraud and Abuse Act (CFAA).

The DOJ announcement describes the cyberattack as an act of retaliation, specifically targeting Apple and IT administrator accounts to cause damage and disruption to the school’s operations.

“After he was fired, LaHiff used his administrative privileges to deactivate and delete thousands of Apple IDs from the school’s Apple School Manager account – software used to manage student, faculty and staff information technology resources,” reads the U.S. DOJ announcement.

“LaHiff also deactivated more than 1,400 other Apple accounts and other IT administrative accounts and disabled the school’s private branch phone system, which left the school’s phone service unavailable for approximately 24 hours.”

According to published court documents, LaHiff performed the following actions after the termination of his employment:

  • Deleted 1,200 Apple IDs from the school’s Apple School Manager account
  • Deactivated over 1,400 other Apple accounts
  • Attempted to disconnect Apple Class IDs, Course IDs, Location IDs, and Person IDs from the school’s Apple School Manager account.
  • Deactivated administrative accounts, including accounts at security vendors.
  • Disabled the school’s private branch phone service

The announcement says that LaHiff’s actions caused the school to incur at least $5,000 in direct financial losses.

This is another case of a disgruntled former employee using their not-revoked high-level access to cause damage to critical networks out of spite.

The simple act of coordinating human resource decisions with IT department actions, such as revoking account access for dismissed personnel, would significantly mitigate such risks.

Interestingly, despite his actions, LaHiff had already filled a similar position at another public high school, which the judge is requiring LaHiff to notify about the guilty plea.

LaHiff is scheduled to be sentenced on March 20, 2024, and faces a potential maximum penalty of 10 years in prison and fines of up to $250,000.

Original Source

A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below

Buy Me A Coffee
Patreon

To keep up to date follow us on the below channels.

Tags: , ,

You may have missed

alerts

Multiple Vulnerabilities in VMWare Workstation and Fusion

May 17, 2024
hkcert

Google Chrome Remote Code Execution Vulnerability

May 17, 2024
CISA Logo

CISA: CISA Releases Four Industrial Control Systems Advisories

May 17, 2024
CISA Logo

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

May 17, 2024
CISA Logo

CISA: Microsoft Releases May 2024 Security Updates

May 17, 2024