Former IT Consultant Facing Charges on Purposefully Causing Ruin to Healthcare Company’s Server

An IT specialist who worked as a service provider at a suburban healthcare organization in Chicago has been accused of illegally acquiring access to the firm’s network and deliberately causing ruin to a protected PC.

Aaron Lockner, 35 years old, from Downers Grove, IL, was employed at an IT organization that had an agreement with a healthcare firm to give security and technology solutions. Lockner got access to the network of the healthcare organization’s center in Oak Lawn, IL, to execute the contracted IT offerings.

In February 2018, Lockner sent an application for a job with a healthcare company, nevertheless, his application was declined. Lockner was then dismissed from the IT organization in March 2018. One month after, on or approximately April 16, 2018, Lockner is purported to have remotely acquired access to the computer system of the healthcare organization with no permission. As per the indictment, Lockner consciously prompted the transmission of a program, data, code, and command, and due to his actions, purposefully brought about harm to a protected computer. The computer attack impaired healthcare exams, treatment, and the care of various persons.

Locker is indicted on one count of deliberately causing harm to a protected PC. The slated arraignment is going to be done on May 31, 0222 at the U.S. District Court in the Northern District of Illinois, Eastern Division. When convicted, Lockner could possibly serve approximately 10 years in a federal penitentiary.

This case demonstrates the threats brought about by insiders. The lately released 2022 Verizon Data Breach Investigations Report demonstrates the threat of attacks by external attackers, which exceed insider attacks by 4: 1, although safety measures furthermore must be enforced to secure against insider threats.

In this scenario, the so-called access took place two months subsequent to the rejection of the application for work and a month after dismissal from the IT firm. When folks leave a job, voluntarily or if fired, access rights to systems should be instantly canceled and verification of systems done to determine any malware or backdoors that might have been installed.

There were a number of situations of unhappy IT contractors holding onto remote access to networks after firing, with one significant case at a law agency witnessing an old IT worker putting in a backdoor and eventually accessing the system and purposefully causing ruin after stopping employment. In that scenario, the person was sentenced to 115 months in federal jail and was directed to pay $1.7 million in compensation.

Twitter Facebook LinkedIn Reddit Copy link Link copied to clipboard
Photo of author

Posted by

Mark Wilson

Mark Wilson is a news reporter specializing in information technology cyber security. Mark has contributed to leading publications and spoken at international forums with a focus on cybersecurity threats and the importance of data privacy. Mark is a computer science graduate.