How Not To Be A Millionaire: Resell Stolen Cisco Gear
Former Verizon engineer gets 4-year jail sentence and must pay $2.8 million in restitution after almost 10 years of fraudulently obtaining and then reselling Cisco networking equipment.
The FBI announced Wednesday that Michael W. Baxter, 62, of Ball Ground, Ga., has received a four-year jail sentence and been ordered to pay $2.8 million in restitution--$2.3 million to Cisco Systems and $463,000 to Verizon Wireless--after he pleaded guilty to charges that he profited from selling an estimated $4.5 million in stolen networking equipment, according to the Department of Justice.
"To accomplish his fraud, this defendant exploited ... Cisco's program for replacing expensive equipment on a moment's notice," said U.S. attorney Sally Quillian Yates in a statement. "He also abused his insider access to Verizon's procurement system."
More Security Insights
- The Untapped Potential of Mobile Apps for Commercial Customers
- Get Actionable Insight with Security Intelligence for Mainframe Environments
White PapersMore >>
Hired in 1994, Baxter worked as a network engineer at the southeastern regional headquarters of Verizon Wireless. According to Department of Justice prosecutors, from as early as 2001--and lasting until 2010, when he was fired--Baxter regularly submitted fraudulent requests to Cisco Systems. Verizon's extended warranty contract with Cisco required the networking equipment manufacturer to repair parts or replace them in advance of their failing, and Cisco provides customers, including Verizon, with an online service request and parts replacement system that can be used by authorized employees to order new parts.
But hundreds of times, said prosecutors, Baxter used the Cisco customer service system to order replacement parts when there was no problem with the existing equipment. These parts, which included processors and cards, could be worth up to $40,000 each. In addition, Baxter was also accused of causing Verizon to buy nearly $500,000 worth of unnecessary networking hardware from Cisco between 2000 and 2009. "Instead of placing the replacement parts into service in Verizon Wireless' network, Baxter simply took them home and sold them to third-party resellers for his own profit," according to the Department of Justice.
[ Cisco extends its embrace of software defined networking. See Cisco vCider Buy Fuels SDN Plans. ]
Where did the profits go? According to the FBI, Baxter maintained a "lavish lifestyle," spending the money on "jewelry, cars, extravagant international travel, and other personal luxury goods and services, including multiple cosmetic surgeries for his girlfriend."
In December 2011, Baxter was indicted by a federal grand jury on 15 counts of mail fraud and 15 counts of wire fraud, carrying a maximum sentence of 20 years in prison and a fine of up to $250,000 per count. Baxter was ultimately convicted of wire fraud charges after pleading guilty in court on February 16, 2012.
The FBI said that Verizon Wireless and Cisco had assisted its agents with the investigation.
Stepping back from the FBI's investigation, how was it that Cisco failed to spot Baxter's fraud campaign, which lasted for almost a decade, and which prosecutors have suggested involved $4.5 million total in stolen or wrongly obtained Cisco equipment? At the very least, the related shortfall in supposedly defective parts that were never returned to Cisco either went unnoticed, or was ignored by the technology manufacturer.
A Cisco spokesman didn't immediately respond to emailed questions about Cisco's approach to policing these types of issues, or whether Cisco has put new policies, procedures, and security checks in place to try and prevent them from recurring.
Likewise, Verizon failed to spot an insider making at least $500,000 in unnecessary orders over the course of almost 10 years. Given the cost of some of the gear in question--$40,000 a pop--the quantity of missing equipment may not have been large enough to trigger alarm bells, but Verizon is now out half a million dollars. Is there anything the mobile communications provider might have done to stop this fraud, or are there any new policies and procedures that officials have put in place to help crack down on this type of behavior? A Verizon spokeswoman didn't immediately respond to an emailed request for comment on those questions.
Benchmarking normal activity and then monitoring for users who stray from that norm is an essential strategy for getting ahead of potential data and system breaches. But choosing the right tools is only part of the effort. Without sufficient training, efficient deployment and a good response plan, attackers could gain the upper hand. Download our Fundamentals Of User Activity Monitoring report. (Free registration required.)