Subj : Ex-employee of major South-East Asian IT firm jailed after he bri To : All From : TechnologyDaily Date : Fri Jun 14 2024 17:45:05 Ex-employee of major South-East Asian IT firm jailed after he brings down its test servers with scripts found on Google Date: Fri, 14 Jun 2024 16:35:54 +0000 Description: Man will spend two-years and eight months in prison after his remote access credentials at National Computer Systems remained active. FULL STORY ====================================================================== An Indian national formerly employed in Singapore by the information technology (IT) services firm National Computer Systems (NCS) has been handed a custodial sentence for deleting all 180 of its test servers with scripts that he found on Google and then perfected. The story (via Toms Hardware ) says Kandula Nagaraju, 39, disagreed with his being fired for poor performance from NCS Quality Assurance (QA) department, concerned with testing new apps, and exploited the fact that his colleagues and superiors left his access credentials active to remotely wipe servers in a plan hatched from January through March 2023. The affected servers, NCS says, were devoted to internal app testing, and so no sensitive customer data was lost in the attack. Toms Hardware wrote recovery of the servers cost roughly S$678,000, but didnt share specific details on how this was done. Access credentials and data loss If we had to guess, the colossal scale of data lost in the attack (and the stretch of time that Nagaraju spent honing and testing the scripts) meant that data recovery software probably wouldnt cut it. Perhaps some consultants charging an eye-watering fee had disk images for the servers lying around. Its a bit like a film, the way Toms tells it: the QA team found that all of their test servers had been wiped in the space of one morning on March 20 2023. Though Nagaraju managed to evade detection while he continued to abuse his login credentials and obliterate servers, hes no evil genius: Singaporean police managed to track him via IP addresses submitted to them by his former employer, cease his laptop, and find the offending scripts. He apparently couldnt even be bothered to delete his browser history, putting him bang to rights for ripping them off the internet. Speaking to Channel News Asia (CNA), a NCS spokesperson claimed that Nagarajus access credentials remained active due to human oversight. Thats all well and good, but youd think an IT firm would keep a closer eye on servers vital to the operation of an entire department, especially when CNA also reported that NCS suffered a total loss of S$917,832 thanks to their rogue ex-employee. But its not all bad. Once Nagaraju gets out of prison, he probably has a shining future ahead of him in vulnerability testing. More from TechRadar Pro With just $700 and a Raspberry Pi you too can become a cybercriminal Raspberry Pi used in Texas ATM burglaries The future of hunting down security flaws could be multiple LLMs working together ====================================================================== Link to news story: https://www.techradar.com/pro/security/ex-employee-of-major-south-east-asian-i t-firm-jailed-after-he-brings-down-its-test-servers-with-scripts-found-on-goog le --- Mystic BBS v1.12 A47 (Linux/64) * Origin: tqwNet Technology News (1337:1/100) .