There was a case (I think back in the late 90's) where a disgruntled IT director took the backups (tapes and removable drives) and erased them all, and then planted a worm that each morning he had to disable. Apparently no one really cared for this person at the Architecture firm where he worked and finally, he was fired. The day after his firing people came in, turned on their machines and were informed some maintenance needed to be run - in fact, it was the worm that ran and formatted every hard drive in the company. This fellow was easily traced of course, arrested and if I recall correctly, he got four years in prison. Sadly, the company went out of business within a year and though they did pursue damages, there was really nothing they were going to get from this guy.

Tape backups are fine, and yes, a good idea. But the reality is that anything that can built, can be un-built, or in short, hacked. Anyone in the IT field who does not believe this lives in a fantasy world. Its documented that even the Pentagon and NSA computers have been hacked at times.

What we need are much more stringent legal avenues to meet this problem. This is just the sad reality of it. There are going to be hackers who want fame amongst other hackers, and there are going to be those who see their jobs in IT as their own private Kingdoms and God help anyone who challenges them. We cannot avoid this - its human nature in some devious and partially devious people.

But if you knew that you would spend say 20 or 30 years in jail for such behavior, wouldn't that at least help deter this kind of thing? I think so, and I don't see any other way to address the problem.