Who Is the San Francisco Hacker?


Childs, 43, plead not guilty Thursday to four felony counts of computer network tampering and one count of causing losses in excess of $200,000 as a result of the alleged tampering. Arrested last Sunday and arraigned Tuesday, Childs' bail has been set at $5 million. He has a bail hearing scheduled for next Wednesday at 9am PT.

Those are the basic facts, but dig a bit deeper and the picture grows cloudy. Here are some questions raised in the course of ChannelWeb's investigation of the ongoing case:

How much damage was done to the City and County of San Francisco's FiberWAN network?

Childs stands accused of causing losses in excess of $200,000 and on Friday, a Department of Technology official said there were still "huge portions that Mr. Childs locked everyone out of."

Sponsored post

But the official, Department of Technology deputy chief Ron Vinson, also insisted that "we have control over our FiberWAN network. ... We continue to work with our forensics team that we brought on to regain access, but we have maintained operability. We have not seen any downtime."

Childs will retain some benefits but will not collect a paycheck from the city while he awaits trial, having been placed on unpaid administrative leave, Vinson said.

"Technically, he's still an employee of the city," Vinson said, adding that the department had the green light to fill Childs' position in the interim. "When something like this happens, I'm authorized to backfill the position."

Vinson also said the department would accelerate its plans to increase security on the FiberWAN network. He said the procurement process for "a full analysis of the and#91;networkand#93; architecture" would begin next week, with the goal of moving network security issues "from containment to long-term remediation."

Has Childs been willing to cooperate with investigators or not?

Media reports in the days since Childs' arrest say the Pittsburg, Calif. man has refused to divulge to authorities an administrative password he allegedly created to lock down San Francisco's main IT network. His attorney, Erin Crane, painted a different picture Thursday.

The attorney told reporters following Childs' plea hearing that her client had "been willing to hand over the passwords since Tuesday." She further described the case against her client as a "big misunderstanding," according to numerous reports.

Crane, a San Francisco Public Defenders Office conflict panel member, was appointed Thursday to defend Childs when the original public defender, Mark Jacobs, removed himself from the case, citing a conflict of interest because Jacobs is a county employee whose payroll records are part of the same network with which Childs is charged with tampering.

Vinson said Friday that if Childs had been willing to cooperate, that hadn't been relayed to the Department of Technology.

"Crane's quote was news to me. That Mr. Childs was ready to give up information since Tuesday, we'd never heard of such a thing. The only thing we've heard from pub defenders' office is that he loves kittens," Vinson said, referring to a quote attributed to Childs' former attorney Mark Jacobs.

Does San Francisco have the expertise and experience to prosecute this case?

San Francisco District Attorney Kamala Harris has called the case "unique" and on Friday, a spokesperson for her office reiterated that "the DA has said that this case is the first of its kind we've seen in her tenure."

The case against Childs will be prosecuted by Conrad Del Rosario of the DA's office's Special Prosecution Division, the spokesperson said. She wasn't able to verify Friday what the Special Prosecution Division's particular mandate was.

Local defense attorneys familiar with the case raised doubts about the ability of the DA's Office to prosecute the case without outside help.

"For one thing, I haven't heard of the San Francisco DA's office and their high-level cybercrime unit, so I suspect they're scrambling on this," said Ian Loveseth, a San Francisco criminal attorney and member of the Public Defenders panel. "They may have to go out of their house to get some expertise.

"This may be the reason why you've got the PR people on behalf of the city saying everything's under control and the DA's office talking about all the damages caused," Loveseth said.

Randi Sue Pollack, another local criminal attorney, has served as lead defense on a federal network hacking case. She said it's rare to see cybercrime prosecuted at the state level.

Why was Childs' bail set so high?

Setting bail at $5 million for Terry Childs certainly raised eyebrows. Crane, Childs' attorney, called the figure "ridiculously high."

But one source close to the case claimed that Childs had $11,000 in cash in his possession when he was arrested at his Pittsburg, Calif. home Sunday. The source, speaking to ChannelWeb on the condition of anonymity, speculated that possession of such an unusually large amount of cash helped prosecutors' argument that Childs was a flight risk.

San Francisco District Attorney's Office spokesperson Erica Derryck would not comment on a direct question about Childs' alleged possession of such a large amount of cash. She did say that part of the reason bail was set so high was out of concern that Childs might disappear.

"What I can say about the bail being set at the level it was set at is that there were questions about flight, as well as about the full extent to which the alleged behavior and#91;Childs was charged withand#93; might have caused continuing damage and whether there was an ongoing threat going forward," Derryck said.

So who is Terry Childs?

The man accused of hijacking San Francisco's main IT network has been depicted by sources in various news reports and blog posts as everything from a gentle, quiet fellow who's been the victim of a giant misunderstanding to a disgruntled loner bent on revenge.

Dana Hom, a former colleague of Childs' at San Francisco's Department of Technology, told reporters Thursday that Childs was "very gentle," "very low-key" and "extremely competent." Hom, who said he served as chief operations officer from 2000 to 2004 at the department, known then as the Department of Telecommunications and Information, said, "I don't believe it's in Terry's character to do such a thing."

On the flip side, Tricia Liebert, a TechRepublic blogger, wrote a post Wednesday that claimed, with no identified sourcing, that Childs had been stalking a co-worker in recent weeks.

Meanwhile, in ChannelWeb's own forums, readers were mixed in their reactions as the story has developed. For some, Childs is a sort of IT hero for his alleged exposure of a security flaw in a municipal computer network. For others, no methods should be off limits to authorities trying to get Childs to divulge the master password he allegedly created to lock other administrators out of the network.

So far neither Childs' own attorneys nor the investigators and prosecutors lined up against him have given any real insight into the man himself. But by pleading not guilty, Childs has opened up the possibility of a whole, long trial ahead of us for that.