Thursday, June 26, 2008

Bowie IT employee resigns amid city network security breach

‘Password sniffer’ detected during routine sweep

E-mail this article \ Print this article

A computer support specialist has resigned from Bowie city staff after a password recording program that was accessing one of the city’s servers was found on his work computer, city officials said.

Timothy Nagel resigned from his position in early June, confirmed Personnel Officer John Clinton. The ‘‘password sniffer” he allegedly used was detected during a routine network security sweep in late May, said Information Technology Director Robert Boller. The program collected and stored password information entered into the City Hall computers from one network server. Neither the network server that hosts the Bowie Police Department nor the Web server, where residents can pay bills online, were compromised, Boller said.

‘‘It was all internal,” Boller said. ‘‘Our gateway to the public was not involved.”

However, all city staff were advised to change their city network and private account passwords.

‘‘A possible security problem in the city has been discovered and repaired,” Boller wrote in a May 29 e-mail to staff. ‘‘To be on the safe side if you use the city network for anything outside the city (i.e. [International City⁄County Management Association] account management or personal banking) that requires a password you should change it.”

Boller estimated the program was running for about a week, as the security scan that caught the program cycles through the more than 300 City Hall computers every two and a half weeks. There are approximately 330 city employees, said Communications Coordinator Una Cooper.

In an executive session, the City Council approved hiring a private firm to investigate the breadth of the security breach, said Mayor G. Frederick Robinson.

‘‘The city is concerned about network security,” he said, adding the city may want to strengthen security precautions recommended by the firm.

Robinson would not comment on Nagel’s leave, citing personnel issues.

The investigation is expected to wrap up within a month, said City Manager David Deutsch. At that point, if any criminal offenses are found the matter would be turned over to police to investigate. As of June 20, nothing had been turned over to the authorities, Deutsch said.

‘‘This gave us an opportunity to focus on the issue of network security,” said Deutsch, declining to describe the exact measures taken for security reasons.

When reached by phone at his home, Nagel declined to comment. He was employed by the city for a year and a half.

Over the 14 years Boller has overseen the city’s Information Technology Department, he said it has an exemplary history with only a few minor security breaches. The last major incident he could recall was in 1997 when a hacker erased the city’s Web page and it had to be restored.

‘‘Precautions are taken all the time,” said Boller, pointing out how regular scans detected the password program quickly. ‘‘The city is well protected.”

Ramon Korionoff, spokesman for Prince George’s County’s State’s Attorney, said it is difficult to determine potential penalties if charges were filed against Nagel, because laws regarding computer crimes lag behind the expansion of technology.