Brian P. Johnson, 44, of Baton Rouge, Louisiana, will have to spend the next 34 months in federal prison and pay $1,134,828 in damages after hacking his former employer shortly after being fired.
According to court documents, Johnson worked for several years as an IT specialist and systems administrators for Georgia-Pacific, a company that describes itself as one of the world’s largest manufacturers of paper, pulp, tissue, packaging, building materials, and related chemicals.
On February 14, 2014, management at Georgia-Pacific's Port Hudson mill terminated Johnson's contract, and security escorted Johnson out of the factory's premises.
Holding a grudge for his sudden termination, investigators say that during the next two weeks, Johnson used his previous accounts to connect to the mill's network and alter various configurations, bringing, in some cases, the mill's production to a halt.
Suspecting that Johnson may have been behind some of the attacks, Georgia-Pacific requested the FBI's assistance, which on February 13, 2014, executed a search warrant at Johnson's house.
Investigators weren't wrong, as court documents reveal that FBI agents found an open virtual private network connection to Georgia-Pacific's network on Johnson's computer screen when they searched his home in Zachary, Louisiana.
Following a thorough investigation of Johnson's remote sessions to the Port Hudson mill after his termination, FBI agents concluded that the former employee intentionally sabotaged his former employer as payback.
A year later, in February 2016, faced with all charges, Johnson formally admitted his crimes. Following his guilty plea, a judge sentenced him to two years and ten months in prison, and also awarded Georgia-Pacific damages to cover the downtime brought by Johnson's hacks.
According to its homepage, Georgia-Pacific employs about 35,000 people in more than 200 facilities, and its mills run around the clock, meaning any downtime resulted in setbacks.
Johnson is not the first or the last employee to hack his former employer. Last year, a sysadmin who worked for a Pennsylvania ISP received two years in prison for crashing the ISP's network and then requesting a ridiculous sum of money to help fix the problem.