A cautionary tale for any network, government or business:
He won't give up the passwords, they say, even as he's charged with four counts of computer tampering.
Though the story doesn't provide any technical details - such as whether passwords were changed on servers, network equipment, or the whole shebang - it's a scary thought for any important network.
These types of events are thankfully rare and most admins are generally trustworthy folks who care far too much about their professional reputations to pull anything like this. But all the same, here's a suggestion to protect your own company's network against such insider hijacks.
Ask your IT folks to set up your monitoring system such that when critical passwords are changed, such as root on a unix server or the admin login on network equipment, the IT group, including the manager, gets an e-mailed notice. If at least one other person knows when someone suddenly begins to change critical passwords on multiple systems, you'll have a chance to head off that particular hijack before it goes too far.
This shouldn't be a difficult move, especially if your network uses a centralized authentication server. You might be able to monitor using SNMP, or with a tool called Tripwire that can check to see when particular files change.
You can also make sure that the IT manager and staff knows how to reset the root or admin password on critical systems. Most systems should allow for doing so if you have physical access - keep the instructions for just this kind of emergency.