Products
▸
This week’s news digest is about how fired and fake employees can cause disasters.
On May 10, 2024, Nagaraju Kandula, a former quality assurance team member at National Computer Systems (NCS), a Singaporean company that offers information communication and technology services, was sentenced to 2 years and 8 months in prison for wiping out 180 virtual servers of the company.
Kandula was fired for poor performance on November 16, 2022. However, the man felt “confused and upset,” as he thought that he did not deserve that. NCS did not invalidate Kandula’s credentials in a timely manner, and he managed to access the company’s systems multiple times after the termination of his employment.
To take his revenge, Kandula decided to delete the servers. On March 18 and 19, 2023, he executed his programmed script and wiped out NCS serves one by one.
The following day, the NCS team realized that the servers had been deleted and reported the incident to the police. The police traced the attack back to Kandula through his IP address and confiscated his laptop, where they found the malicious script and a history of Google searches for scripts to delete servers. NCS claims that only the software testing platform environment was affected. Nevertheless, the ex’s revenge cost the company a lot; the damage is estimated at 678,000 USD.
This case is a reminder for employers about the importance of immediately revoking access for employees who have resigned or been fired to prevent similar attacks. Meanwhile, the next incident warns us that not only can terminated employees cause harm, but fake ones might do the same.
On June 12, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) of the USA warned of criminals impersonating its representatives and making phone calls. The goal of the malicious actors is to trick potential victims into transferring money. The cybersecurity agency’s statement says: "As a reminder, CISA staff will never contact you with a request to wire money, cash, cryptocurrency, or use gift cards and will never instruct you to keep the discussion secret." We in turn recommend that you be careful and maintain critical thinking to avoid falling prey to scammers.
To sum up, stay vigilant and prioritize security. If you are an entrepreneur looking for protection against internal threats like those described above, consider implementing a reliable and cost-effective managed security service. Click here to take a step toward ensuring a safe and secure business environment.