As a person of few morals and not being religious, I hope I have some impact by saying, remember the "Golden Rule"? It's a truth that is unbecoming in the comments I've seen posted. I'm an application developer and though I've "played" around with *hacking* (mostly just on my own boxes), I don't go around messing with my employers' computers. They simply aren't mine to do with as I please. Sure, I've installed SETI before, I've installed Napster before, and other 3rd-party software on *my* work computer. But, never took advantage of being in the position to install software across my employer's network. Go home and setup a small network if you want.
Basically, the case needs to be prosecuted and a *small* fine be imposed. The incident wasn't malicious and it was, or it seems, innocent. And, in reply to an earlier post questioning the merit of a severe punishment for a personal gain of *only* $1000 -- there's absolutely no logical reason to bring up the dollar amount ... $1 - $1000000 ... doesn't matter. The point is there was personal gain involved, regardless of the amount.
In conclusion, how'd some of you network admins out there like it if someone that you gave network access to (outside of your organization - say a client with ftp access), installed scripts that they could run remotely on your systems anytime they wanted just to use your system's idle time? ... I think you'd mind just a little.