A tech firm, NCS, in Singapore, has sentenced a former employee of its to prison for two years and eight months for using computer material in an unauthorized manner. A former worker of the company, named Kandula Nagaraju, who deleted the entire virtual servers of the company`s system, took to the company to the tune of approximately $918,000 (US$678,000).
Nagaraju, 39, was removed from NCS in October 2022 because of his poor performance at work. He was “confused and upset” because he didn’t believe his job performance had been so poor. He is very much convinced that he is the one who has made a big impact on the company. He came back to India after his dismissal, but that didn’t end his relationship with NCS.
The company had a 20-member team, since the time of the onboarding of Nagaraju to the team until the last month of his suspension, operating the quality assurance (QA) computer system at NCS. The said system was a test bed for new software and programs, whose numbers were about 180. No server of those servers stored any delicate information.
He accessed the QA system on his laptop from his laptop without getting proper permission from the authorities; he did so by using his administrator login credentials six times between January 6 and January 17, 2023. He returned to Singapore, the next month, and by using a former colleague’s Wi-Fi network was allowed access to the system again.
In the process, he opened those scripts to verify if they successfully deleted the servers using the test access. Then he managed to delete all the 180 virtual servers using the programmed script one by one either on the 18th or 19th of March, in 2023. The NCS team discovered the problem a day later when the system became illegal to access. Despite their diagnostics of the machine, they became aware that the servers were lost.
April 11, 2023, was the date of the filing of a police report, and the investigation resulted in the confiscation of Nagaraju’s laptop, which held the script to delete the files. Inquiries into this matter also showed that he downloaded some scripts from the Internet that delete servers, and then, he made his alterations.
Cybersecurity in businesses is not only about technology but also about the people who are part of the system and how management deals with the issues that arise. Synopsys Software Integrity Group senior team security engineer Boris Cipot gave a sobering comment on this topic when he said, “The accounts and their access to resources must also be constantly monitored, and in case of irregularities, the responsible person or system needs to be alerted.”
Moreover, one might wonder if it was appropriate to have kept Nagaraju’s account open and not observing it. Javvad Malik, the head security awareness advocate at KnowBe4, contributed to this point by declaring that the incident is the clearest indicator yet that a huge number of companies still get it wrong with exit processes.
In the final analysis, despite his awareness that post-employment he was not supposed to enter the system, Nagaraju made a grave mistake that brought about a significant financial loss for NCS, and he was confronted with a real case of cybercrime damages if he continued.
More for you:
- An employee who had been dismissed, however, managed to access the company’s ‘test system’ and then wiped the servers. This action resulted in the company losing S$918,000.
- An Indian IT specialist was put in prison in Singapore. His crime was hacking into the systems of a company, which dismissed him.
- A former IT worker in Singapore vented his anger by carelessly deleting more than 180 servers.
The company’s angry former employee caused the loss of SGD918,000.