July 5th, 2006 by dm | Hacking, Law & Policy

What do you do when you work for a large (and secret) government agency as an outside contractor and your work is constantly slowed down by bureaucracy and paperwork? One way to solve the problem, at least as one Mr. Colon did, is to hack the FBI’s secret computer servers and obtain the passwords of thousands of employees and agents. This would certainly help you move through the bureaucratic machine faster, but it will also likely get you some time in jail.

The Washington Post reports on the case of Mr. Colon, a government consultant with BEA Systems, who used readily available software to obtain the hashes of all passwords of FBI computer users and then ran password cracking against the hashes, thus obtaining the passwords of 38,000 employees, including access to top secret programs such as the Witness Protection Program and details on counterespionage activity. Mr. Colon was caught, fired from his job, and has since pleaded guilty to four counts of intentionally accessing a computer while exceeding authorized access and obtaining information from any department of the United States under 18 U.S.C. § 1030.

Colon’s lawyers said FBI officials in the Springfield office approved of what he was doing, and that one agent even gave Colon his own password, enabling him to get to the encrypted database in March 2004. Because FBI employees are required to change their passwords every 90 days, Colon hacked into the system on three later occasions to update his password list.

While Mr. Colon has only himself to blame, the FBI (and other agencies) should not wait to patch their systems so that users with simple hacking skills, whether their ideas are seemingly benevolent (as in Mr. Colon’s case) or dangerously malicious, cannot access critical information.