Singapore, a country known for its strict laws and emphasis on cybersecurity, recently saw a case unfold that highlighted the dangers posed by disgruntled employees within an organization. The incident involved a 39-year-old Indian national, Kandula Nagaraju, who was sentenced to two years and six months imprisonment for hacking into his former employer’s computer system and deleting critical data.
Nagaraju was employed at National Computer Systems (NCS) as part of a 20-member team responsible for managing a quality assurance computer system containing 180 virtual servers. However, his employment came to an abrupt end in October 2022 due to poor performance, a decision that left him feeling confused and upset. Believing that he had performed well, Nagaraju’s emotions drove him to take drastic actions against NCS.
Upon returning to India, Nagaraju initiated a series of cyberattacks against NCS between January and March 2023. Operating remotely, he gained unauthorized access to the company’s systems multiple times, demonstrating a calculated and persistent effort to target his former employer. The attacks unfolded in stages, with Nagaraju familiarizing himself with the system, exploring vulnerabilities, and ultimately executing a pre-written script to delete 180 virtual servers one by one in March 2023.
The devastating impact of Nagaraju’s actions on NCS resulted in significant financial losses estimated to be around SGD 918,000. The discovery of the deleted servers led to a police report being filed, and investigations uncovered Nagaraju’s laptop containing the script used in the cyberattacks. It was revealed that Nagaraju had searched for scripts to delete virtual servers on Google, indicating premeditation and deliberate intent.
This case serves as a stark reminder of the threat that disgruntled employees pose to a company’s cybersecurity. The need for robust access control measures and timely removal of access privileges for terminated employees is emphasized to prevent such incidents from occurring in the future. Unfortunately, this is not an isolated incident, as history has shown several other cases where ex-employees have caused harm to their former employers through cyberattacks.
In April 2017, an ex-Marriott employee hacked into the hotel reservation system and drastically reduced room rates, while in May 2018, a Coca-Cola ex-employee stole a hard drive containing personal information of over 8,000 workers. Similarly, in June 2018, a former Tesla employee hacked and shared sensitive data with third parties, highlighting the ongoing threat posed by disgruntled individuals within organizations.
The pattern continued in July 2018 when an Israeli man stole secrets from the NSO Group, a spyware firm, and attempted to sell the stolen data on the dark web. In August 2020, an Indian citizen on an H1-B visa hacked into Cisco’s AWS infrastructure and erased virtual machines, causing damage to the network.
These incidents underscore the importance of proactive measures to prevent insider threats and safeguard sensitive data. Companies must remain vigilant and implement effective security protocols to mitigate the risks posed by disgruntled employees and other malicious actors. As technology continues to advance, the need for robust cybersecurity measures becomes increasingly critical to protect organizations from cyber threats originating from both within and outside their walls.