• Enjoy the freedom to innovate and grow your business

    [ad] With Microsoft Azure you have hybrid cloud flexibility, allowing your platform to span your cloud and on premise data centre. Learn more at microsoftcloud.com.

  • IT Admin: No Time to Save Time?

    [ad] Do you spend too much time patching machines or cleaning up after virus attacks? With automation controlled from a central IT management console accessible anytime, anywhere – you can save time for bigger tasks. Try simple IT management from GFI Cloud and start saving time today!

  • Free Forrester analysis of CRM solutions

    [ad] In this 25 page report, independent analyst house Forrester evaluates 18 significant products in the customer relationship management space from a broad range of vendors, detailing its findings on how CRM suites measure up and plotting where they stand in relation to each other. Download it for free now.

  • Great articles on other sites
  • RSS Great articles on other sites

  • Reader giveaway: Google Nexus 5

    We’re big fans of Google’s Nexus line-up in general at Delimiter towers. Nexus 4, Nexus 7, Nexus 10 … we love pretty much anything Nexus. Because of this we've kicked off a new competition to give away one of Google’s new Nexus 5 smartphones to a lucky reader. Click here to enter.

  • Enterprise IT, News - Written by on Monday, May 21, 2012 13:32 - 26 Comments

    The ABC didn’t sack Bitcoin miner

    news The Australian Broadcasting Corporation didn’t fire an un-named IT worker who attempted to use the broadcaster’s vast server infrastructure to make himself a fortune through the Bitcoin virtual currency system, it has emerged, with the employee merely being disciplined and having their access to certain IT systems restricted.

    In June last year, as reported by the Sydney Morning Herald and Crikey, the broadcaster discovered that an IT worker had set up the Bitcoin mining software on a number of ABC systems in order to generate the currently. Bitcoin is a decentralised virtual currency that uses a series of key technologies such as peer to peer networking, digital signature and encryption to function. Users can ‘mine’ for Bitcoins using computer resources.

    At the time, it was reported that the ABC was investigating the issue, following the discovering of the inappropriate use of the broadcaster’s IT infrastructure. This morning, Liberal Senator Eric Abetz published the result of questions he had filed with the ABC in relation to the issue.

    The result of the investigation, the ABC told Abetz, was that the employee was disciplined. “Their access to all production systems has been restricted,” the broadcaster added, and “the employee is being closely supervised by their manager”. The placement of the Bitcoin mining code onto the ABC’s servers had been detected by internal ABC checks “within 30 minutes”, the ABC said, and was removed immediately. The IT worker themselves had been able to set up the system because they had “high-level IT access privileges”.

    The ABC stipulated that its Grandstand Sports website was affected by the Bitcoin operation for a short period, but there was no further impact on the broadcaster’s website or its distribution operations. “There was no impact on the ABC’s internal and external online distribution infrastructure,” it added. “As this software was for a short time embedded within pages on the ABC website, visitors to these pages may have been exposed to the Bitcoin software, however it is not possible for the ABC to ascertain whether any audience computers were affected by Bit coin software. The ABC has not received any complaints from audience members as a result of this Bitcoin code.”

    Despite the large amount of processing resources the ABC uses, the Bitcoin mining was “ineffective” and did not actually generate any Bitcoins, the broadcaster noted. “The ABC is cognisant of its responsibilities with regards to IT security,” it said. ABC IT systems continue to scan the ABC’s equipment for vulnerabilities and all users of ABC’s internet technologies are bound by ABC security policies and codes of practice.” A spokesperson for Abetz noted that the Coalition was planning on quizzing the ABC further about the issue, including filing a request for the code that would have been downloaded to users’ machines.

    While most Australian organisations allow some use of their computing resources for personal use (such as web browsing on a work desktop PC), it is likely that the IT staffer’s efforts to use the ABC’s IT resources for Bitcoin mining violated common IT industry codes of ethics. The Systems Administrators Guild of Australia, for example, has an ethical code stating that members must seek to prevent unauthorised use of the systems overseen by their members.

    There’s not really much to say here, apart from that we’re surprised that the ABC has not terminated the employment of the individual concerned in this case. This was a clear misuse of the organisation’s IT systems for personal gain, and had the potential to make the individual a significant amount of money if the plan had succeeded.

    Given their high level of access (we’re sure they had root on the IT systems concerned), it does seem surprising that the ABC’s own detection systems were able to sniff out the Bitcoin mining code so quickly. You’d think, if the staffer concerned had that level of access, that they would have been aware of the detection systems.

    submit to reddit


    You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

    1. moldor
      Posted 21/05/2012 at 1:37 pm | Permalink |

      If every company/department terminated people for “misuse of the organisation’s IT systems for personal gain” we’d have massive unemployment in the IT industry.

      This guy was an idiot – pure and simple. He put no thought into how he could get the servers to run the software in “stealth mode”, not affecting anything else and therefore deserved to be caught.

      • Posted 21/05/2012 at 1:40 pm | Permalink |

        So what, you’re saying that his only fault was getting caught? I don’t think so. What he did was wrong and puts the IT profession into ill repute.

        • PointZeroOne
          Posted 21/05/2012 at 2:00 pm | Permalink |

          I really don’t think he should of lost his job over this, it wouldn’t surprise me if he’s been put on a very short leash.

          Also ‘IT Profession’? I know the IT industry is working hard to make itself be called a ‘Profession’ but it isn’t at this stage.

          • Posted 21/05/2012 at 2:30 pm | Permalink |

            why wouldn’t it be called a ‘profession’?? what is your definition of a ‘profession’ and why doesn’t IT fit?

            very confusing statement, i must say, and not the least bit insulting to many of us in the IT profession.

            • PointZeroOne
              Posted 21/05/2012 at 3:03 pm | Permalink |

              A paid occupation, esp. one that involves prolonged training and a formal qualification.

              You don’t have to have a formal qualification to do IT.

              Being a Nurse is a profession, I just can’t walk into a job of being a Nurse. But I can just walk into the job of working in IT if I can prove I’ve got the skill set.

              • Posted 21/05/2012 at 4:13 pm | Permalink |

                plenty of IT-related jobs require formal qualifications (or certifications). not all, i admit, but plenty still do.

                you’ve just described 3/4′s of the jobs in the world.

                still don’t get the point of the comment when it doesn’t really have any relevance in the context of the article.

                but whatever floats your boat…

                • Rod Rye
                  Posted 22/05/2012 at 10:30 pm | Permalink |

                  There is no body in IT that stipulates that you must have a certain tertiary qualification to undertake any activity. Unlike in a ‘profession’ like Medicine, Law etc etc, where you actually have to have a specific degree from a recognised institution to practice. Some employers may have requirements for a particular degree, but almost always this is able to be bypassed with sufficient experience instead.

                  But of course this is really nit picking. You can describe yourself as a professional, but under the definition it isn’t ‘a profession’ unless it is a requirement. And it isn’t. Ironically, it’s the fact that you’re allowed to call yourself an IT professional with no qualifications that makes it not a profession. You can’t call yourself a Dentist without the appropriate qualifications for example.

                  Anyway, sacking is really for people that intend theft or damage to property, for people that are stupid, well, I’d dare say the majority of the country would be unemployed.

                • Noddy
                  Posted 22/05/2012 at 10:57 pm | Permalink |

                  Actually I cannot think of an IT job that requires any tertiary qualifications or certifications. Not by law. You need them to be paid under certain awards but employers are free to hire anyone for any position. Then again qualifications aren’t all they are cracked up to be. I know plenty of “programmers” who did there 3 or 4 year degree and couldn’t program for shit. It’s really something they have to want to learn and be good at. Just attending classes and passing tests doesn’t necessarily give them the mind set required to program.

          • Posted 21/05/2012 at 4:13 pm | Permalink |

            “I know the IT industry is working hard to make itself be called a ‘Profession’ but it isn’t at this stage.”

            Yes it is. There are qualifications you can do, a career path, different areas of specialisation, professional groups such as the ACS and SAGE-AU which you can join, other specific industry associations such as the SAP and Oracle user groups. Working in IT is a profession like any other — especially like the other white collar professions (medicine, accountancy, legal and so on). ‘IT professional’ is probably the term most often used to describe Delimiter readers, in fact.

            • Noddy
              Posted 21/05/2012 at 5:16 pm | Permalink |

              Unfortunately the term IT is a little broad. When I first started programming in the 80s, there were programmers, analyst, system admins and data entry operators and that was about it. Then the term IT started to be used for anyone who touched a computer. More often than not someone with the job title IT professional changed printer cartrudges. These days it is still just as broad. In an industry that has so many specialisations I would be suspicious of someone describing themselves as an IT professional.

              There are qualifications and cerifications you can do, but, they are not mandatory. Someone can be employed in IT with no formal qualifications, for better or worse. Some organisations insist of formal qualifications and for foreign employees to undergo ACS certification to make sure they are suitably qualified and experienced. Without some form of tertiary qualification in IT, engineering or the likes or ACS certification you are not covered by the Professional employee’s award and are classed and fall under the general catch all base award.

              • Rod Rye
                Posted 22/05/2012 at 10:34 pm | Permalink |

                When people say particular jobs in IT require qualifications, those might be professions, but it doesn’t make IT as a ‘whole’ a profession. I’m not aware of any IT jobs that absolutely definitely require any tertiary degree level qualifications. IT is broad, like business, or science.

                • Noddy
                  Posted 22/05/2012 at 10:52 pm | Permalink |

                  Agreed. I personally don’t like the term IT. Way too broad. I could also say I work in manufacturing or the building industry. You could be anything from a bricky to an engineer or architect and say you work in the building industry.

    2. No Reply
      Posted 21/05/2012 at 2:41 pm | Permalink |

      Unprofessional. Unethical. The ABC hires certified amateurs, so-called “Experts” on paper recognised and preferred by recruitment industry, with a certifying side business.

    3. midspace
      Posted 21/05/2012 at 2:45 pm | Permalink |

      There seems to a distinct split in society.
      On the one hand, criminals are incarcerated for the purpose of rehabilitation, and correcting the behaviour of the individuals.
      Yet, when a Politician does something wrong, we insist they leave their seat, quit their party, or cease working in politics.
      The same can be said of this ABC IT worker. Why must be sacked?

      When have we stopped giving people a second chance?
      When have we stopped giving people a chance to learn from their mistakes?
      When have we stopped re-educating, or teaching people to do the right thing?
      Should not individuals be made to clean up their mistakes, and learn from the process what harm they have caused to others?

      Or in the future are we going to become a society that simply avoids all direct responsibility of our actions, by pulling out a dagger and ripping open our stomachs in ritual seppuku?

      Renai. “generate the currently” should be “generate the currency”.

    4. John Dalton
      Posted 21/05/2012 at 3:08 pm | Permalink |

      Given their high level of access (we’re sure they had root on the IT systems concerned), it does seem surprising that the ABC’s own detection systems were able to sniff out the Bitcoin mining code so quickly. You’d think, if the staffer concerned had that level of access, that they would have been aware of the detection systems.

      At a guess, the bitcoin software triggered an alert for crossing some kind of CPU usage threshold. It’s possible the staff member involved had access to only a subset of systems, and may even have been unaware of the monitoring systems. It certainly wasn’t a very bright move.

      As this software was for a short time embedded within pages on the ABC website, visitors to these pages may have been exposed to the Bitcoin software

      This is *far* more serious than just an abuse of organisational IT resources. This person attempted to use the computing resources of visitors to an ABC website, not just internal servers. If this wasn’t actually a criminal offence, it sounds like it came very close. It should have been a career-ending move.

    5. Posted 21/05/2012 at 3:21 pm | Permalink |

      I’m not surprised he wasn’t sacked. Better to employ someone who has learnt a lesson, than risk having some new guy do exactly the same thing.

    6. Ian Cullinan
      Posted 21/05/2012 at 3:45 pm | Permalink |

      “As this software was for a short time embedded within pages on the ABC website, visitors to these pages may have been exposed to the Bitcoin software”

      That sounds somewhat odd. Was the guy running a bitcoin miner on (some of) the ABC’s servers, or was did he embed a javascript bitcoin miner into some ABC web pages? The latter seems a lot worse, because in that case he was not just abusing his employer’s infrastructure, but also abusing his employer’s relationship with their users.

      • Thrawn
        Posted 21/05/2012 at 5:26 pm | Permalink |

        It definitely sounds like a Javascript miner to me..

        Person is most likely a Web dev with deploy permissions to just the ABC Grandstand Sports site.

        Be interesting to see what caught it. An obvious one would be an inquisitive ABC website visitor catching the code when noticing his CPU usage went nuts.. then notifying ABC immediately

        But yeah, this is VERY bad because it was not just an attempt to use his company’s resources but also the general public.

        Even if the employee had permission from ABC management it would’ve probably been considered illegal in the eyes of the law

        • SMEMatt
          Posted 22/05/2012 at 10:24 am | Permalink |

          “Software on a web-server” could = “software on the website” to the none IT person writing the press release.

    7. Posted 21/05/2012 at 4:28 pm | Permalink |

      This is a horrifying blight on the reputation of the whole ABC and a major betrayal of the trust of colleagues and audience.
      This person (who’s identity is a very poorly kept secret) should not have been able to remain in their position.

      Beyond the IT angle, misusing corporation resources for profit is gross misconduct let alone misusing ABC audiences for profit. And attempting to commit a crime is still a crime, is it not?

      Potentially more frightening and shameful is that this person’s supervisor (and they’re supervisors) seem incompetent (or unwilling) to comprehend the seriousness of this situation. This senior manager has had other persons removed from ABC premises for lesser IT policy infractions (and in truth should themselves be scandalised in their own right for other reasons).

      The Australian people, Mark Scott and the rest of the ABC have been very poorly served by these people’s advice on this and other issues involving abc.net.au.

      PS. For what it’s worth the alleged is very unlikely to have had root on the servers

    8. Rhys
      Posted 22/05/2012 at 10:07 am | Permalink |

      Poor bloke is probabley young and stupid. Poor than likely they have a poor access level setup, where if you fill an it role, you get domain admin access. This will only make them wake up to the fact that it needs review.

      Also, 30 minutes to find it, hogwash.. More likey 30 minutes for the guy to tell someone, who told someone else, who dobbed him in for obvious reasons like “wish I had thought of that”.

    9. Douglas
      Posted 22/05/2012 at 3:25 pm | Permalink |

      Apparently someone else used his username and password to impersonate the young fella while installing the dodgy code. That’s the story I got from Craig Thomson anyhow…

    10. PeterA
      Posted 22/05/2012 at 3:37 pm | Permalink |

      Sounds like a JavaScript miner. I saw these back in the days of the bitcoin bubble.
      He doesn’t necessarily have administrative access to the machines, he is more likely to be a web developer that has access to update the site as someone else mentioned here.
      It may have been noticed in code review, or more likely was a JavaScript cross site script reference that pointed at a non SSL website, probably caused “insecure items detected” messages when trying to log in to the site.

    11. Posted 25/05/2012 at 11:20 am | Permalink |

      I agree with those above, that although silly to do, it was also a harmless excercise. If it was causing resource contention issues on Production servers, that isn’t harmless, but it would inevitably be picked up and removed.

      Silly, but not serious enough to fire someone over. Anyone stating that abusing IT policy is a serious offence better not be reading this site whilst at work…

    12. Isaac
      Posted 25/05/2012 at 6:59 pm | Permalink |

      I’m astounded at the emotional response from people on here. From what it sounds it was a very basic javascript miner. Last I checked topped out at a few MH/s. That’d mean a good 100,000 visitors would struggle to make him $10.

      I highly doubt he would be able “to make himself a fortune ” off of that.

      The dude did something dumb, predominantly harmless and entirely reversible. And he should be hanged, drawn and quartered for it? Get real…

    13. Best of all worlds
      Posted 25/05/2012 at 9:05 pm | Permalink |

      Only two industries that have ‘users’ – I.T. and drug distribution.

    Get our 'Best of the Week' newsletter on Fridays

    Just the most important stories, one email a week.

    Email address:

  • Most Popular Content

  • Six smart secrets for nurturing customer relationships
    [ad] Today, we are experiencing a world where behind every app, every device, and every connection, is a customer. Your customers will demand you to be where they and managing customer relationship is the key to your business’s growth. The question is where do you start? Click here to download six free whitepapers to help you connect with your customers in a whole new way.
  • Enterprise IT stories

    • NetSuite in whole of business TurboSmart deal turbosmart

      Business-focused software as a service giant NetSuite has unveiled yet another win with a mid-sized Australian company, revealing a deal with automotive performance products manufacturer Turbosmart that has seen the company deploy a comprehensive suite of NetSuite products across its business.

    • WA Health told: Hire a goddamn CIO already doctor

      A state parliamentary committee has told Western Australia’s Department of Health to end four years of acting appointments and hire a permanent CIO, in the wake of news that the lack of such an executive role in the department contributed directly to the fiasco at the state’s new Fiona Stanley Hospital, much of which has revolved around poorly delivered IT systems.

    • Former whole of Qld Govt CIO Grant resigns petergrant

      High-flying IT executive Peter Grant has left his senior position in the Queensland State Government, a year after the state demoted him from the whole of government chief information officer role he had held for the second time.

    • Hills dumped $18m ERP/CRM rollout for Salesforce.com hills

      According to a blog post published by Salesforce.com today, one of Ted Pretty’s first moves upon taking up managing director role at iconic Australian brand Hills in 2012 was to halt an expensive traditional business software project and call Salesforce.com instead.

    • Dropbox opens Sydney office koalabox

      Cloud computing storage player Dropbox has announced it is opening an office in Sydney, as competition in the local enterprise cloud storage market accelerates.

    • Heartbleed, internal outages: CBA’s horror 24 hours commbankatm

      The Commonwealth Bank’s IT division has suffered something of a nightmare 24 hours, with a catastrophic internal IT outage taking down multiple systems and resulting in physical branches being offline, and the bank separately suffering public opprobrium stemming from contradictory statements it made with respect to potential vulnerabilities stemming from the Heartbleed OpenSSL bug.

    • Android in the enterprise: Three Aussie examples from Samsung androidapple

      Forget iOS and Windows. Today we present three decently sized deployments of Android in the Australian market on Samsung’s hardware, which the Korean vendor has dug up from its archives over the past several years for us after a little prompting :)

    • Businesslink cancelled Office 365 rollout cancelled

      Microsoft has been on a bit of a tear recently in Australia with its cloud-based Office 365 platform, signing up major customers such as the Queensland Government, Qantas, V8 Supercars and rental chain Mr Rental. And it’s not hard to see why, with the platform’s hybrid cloud/traditional deployment model giving customers substantial options. However, as iTNews reported last week, it hasn’t been all plain sailing for Redmond in this arena.

    • Qld Govt inks $26.5m deal for Office 365 walker

      The Queensland State Government yesterday announced it had signed a $26.5 million deal with Microsoft which will gain the state access to Microsoft’s Office 365 software and services platform. However, with the deal not covering operating system licences and not being mandatory for departments and agencies, it remains unclear what its impact will be.

    • Hospital IT booking system ‘putting lives at risk’ doctor

      A new IT booking platform at the Austin Hospital and Olivia Newton-John Cancer and Wellness Centre in Melbourne is reportedly placing the welfare of patients with serious conditions at risk.

  • Enterprise IT, News - Apr 17, 2014 16:39 - 0 Comments

    NetSuite in whole of business TurboSmart deal

    More In Enterprise IT

    News, Telecommunications - Apr 17, 2014 11:01 - 140 Comments

    Turnbull lies on NBN to Triple J listeners

    More In Telecommunications

    Featured, Industry, News - Apr 17, 2014 9:28 - 1 Comment

    Campaign Monitor takes US$250m from US VC

    More In Industry

    Digital Rights, News - Apr 17, 2014 12:41 - 14 Comments

    Anti-piracy lobbyist enjoys cozy email chats with AGD Secretary

    More In Digital Rights