Former IT Consultant Charged with Deliberately Causing Harm to Healthcare Company’s Server

An information technology consultant who worked as a contractor at a suburban healthcare organization in Chicago has been charged with illegally getting access to the firm’s network and deliberately causing harm to a protected computer.

Aaron Lockner, age 35, resident of Downers Grove, IL, worked for an IT organization that had a contract with a healthcare firm to offer security and technology services. Lockner was given access to the network of the healthcare organization’s clinic in Oak Lawn, IL, to perform the contracted IT solutions.

In February 2018, Lockner applied for a work position with the healthcare company, however his application was rejected. Lockner was then laid off from the IT company in March 2018. A month afterwards, on or about April 16, 2018, Lockner is alleged to have remotely obtained access to the computer system of the healthcare organization without consent. Based on the indictment, Lockner intentionally brought on the transmission of a program, material, code, and command, and because of his actions, purposefully prompted ruin to a protected PC. The computer intrusion impaired medical tests, treatment, and the care of several people.

Locker is indicted on one count of deliberately causing ruin to a protected computer. The scheduled arraignment will be held on May 31, 0222 in the U.S. District Court in the Northern District of Illinois, Eastern Division. In case convicted, Lockner might serve around 10 years in federal jail.

This case illustrates the dangers posed by insiders. The newly published 2022 Verizon Data Breach Investigations Report shows the danger of attacks by external hackers, which surpass insider attacks by 4 to 1, however, safeguards additionally must be put in place to safeguard against insider threats.

In this situation, the supposed access happened two months following the rejection of the application for employment and one month after termination from the IT firm. When people leave work, voluntarily or if dismissed, access rights to systems should be promptly terminated and tests of systems performed to identify any malware or backdoors that could have been installed.

There were several instances of dissatisfied IT contractors keeping remote access to networks after dismissal, with one particular case at a law firm finding an ex-IT worker setting up a backdoor and consequently accessing the system and purposefully causing harm after leaving work. In that instance, the individual was sentenced to 115 months in a federal penitentiary and was instructed to pay $1.7 million in reparation.