Fired employee accessed company’s computer 'test system' and deleted servers, causing it to lose S$918,000
The 39-year-old man, who was "confused and upset" after being fired, deleted 180 virtual servers from NCS' computer system.
SINGAPORE: Upset that he was fired, an employee accessed his former company’s computer test systems and deleted 180 virtual servers, costing them about S$918,000 (US$678,000).
Kandula Nagaraju, 39, was sentenced to two years and eight months' jail on Monday (Jun 10) for one charge of unauthorised access to computer material. Another charge was taken into consideration for sentencing.
His contract with NCS was terminated in October 2022 due to poor work performance and his official last date of employment was Nov 16, 2022.
According to court documents, Kandula felt "confused and upset" when he was fired as he felt he had performed well and "made good contributions" to NCS during his employment.
After leaving NCS, he did not have another job in Singapore and returned to India.
WHAT HAPPENED
Between November 2021 and October 2022, Kandula was part of a 20-member team managing the quality assurance (QA) computer system at NCS.
NCS is a company that offers information communication and technology services. The system that Kandula’s former team was managing was used to test new software and programs before launch. In a statement to CNA on Wednesday, NCS said it was a "standalone test system".
It consisted of about 180 virtual servers, and no sensitive information was stored on them.
After Kandula's contract was terminated and he arrived back in India, he used his laptop to gain unauthorised access to the system using the administrator login credentials. He did so on six occasions between Jan 6 and Jan 17, 2023.
In February that year, Kandula returned to Singapore after finding a new job. He rented a room with a former NCS colleague and used his Wi-Fi network to access NCS' system once on Feb 23, 2023.
During the unauthorised access in those two months, he wrote some computer scripts to test if they could be used on the system to delete the servers.
In March 2023, he accessed NCS' QA system 13 times. On Mar 18 and 19, he ran a programmed script to delete 180 virtual servers in the system. His script was written such that it would delete the servers one at a time.
The following day, the NCS team realised the system was inaccessible and tried to troubleshoot, but to no avail. They discovered that the servers had been deleted.
On Apr 11, 2023, a police report was made and several IP addresses uncovered by internal investigations were handed over to the police.
Kandula's laptop was seized by the police and the script used to carry out the deletions was found on it.
Investigations revealed that he had searched on Google for scripts to delete virtual servers, which he then used to code the script.
At all times, he was aware after his employment with NCS ended that he was not authorised to access the system. As a result of his actions, NCS suffered a loss of S$917,832.
Editor's note: The sentence given to Kandula Nagaraju has been corrected in this article to two years and eight months from two years and six months. We apologise for the error.