This week’s news digest is about how fired and fake employees can cause disasters.
On May 10, 2024, Nagaraju Kandula, a former quality assurance team member at National Computer Systems (NCS), a Singaporean company that offers information communication and technology services, was sentenced to 2 years and 8 months in prison for wiping out 180 virtual servers of the company.
Kandula was fired for poor performance on November 16, 2022. However, the man felt “confused and upset,” as he thought that he did not deserve that. NCS did not invalidate Kandula’s credentials in a timely manner, and he managed to access the company’s systems multiple times after the termination of his employment.
To take his revenge, Kandula decided to delete the servers. On March 18 and 19, 2023, he executed his programmed script and wiped out NCS serves one by one.
The following day, the NCS team realized that the servers had been deleted and reported the incident to the police. The police traced the attack back to Kandula through his IP address and confiscated his laptop, where they found the malicious script and a history of Google searches for scripts to delete servers. NCS claims that only the software testing platform environment was affected. Nevertheless, the ex’s revenge cost the company a lot; the damage is estimated at 678,000 USD.
This case is a reminder for employers about the importance of immediately revoking access for employees who have resigned or been fired to prevent similar attacks. Meanwhile, the next incident warns us that not only can terminated employees cause harm, but fake ones might do the same.
On June 12, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) of the USA warned of criminals impersonating its representatives and making phone calls. The goal of the malicious actors is to trick potential victims into transferring money. The cybersecurity agency’s statement says: "As a reminder, CISA staff will never contact you with a request to wire money, cash, cryptocurrency, or use gift cards and will never instruct you to keep the discussion secret." We in turn recommend that you be careful and maintain critical thinking to avoid falling prey to scammers.
To sum up, stay vigilant and prioritize security. If you are an entrepreneur looking for protection against internal threats like those described above, consider implementing a reliable and cost-effective managed security service. Click here to take a step toward ensuring a safe and secure business environment.
Subscribe to get helpful articles and white papers.
We discuss industry trends and give advice on how to deal with data leaks and cyber incidents.
SearchInform uses four types of cookies as described below. You can decide which categories of cookies you wish to accept to improve your experience on our website. To learn more about the cookies we use on our site, please read our Cookie Policy.
Necessary Cookies
Always active. These cookies are essential to our website working effectively.
Cookies does not collect personal information. You can disable the cookie files
record
on the Internet Settings tab in your browser.
Functional Cookies
These cookies allow SearchInform to provide enhanced functionality and personalization, such as remembering the language you choose to interact with the website.
Performance Cookies
These cookies enable SearchInform to understand what information is the most valuable to you, so we can improve our services and website.
Third-party Cookies
These cookies are created by other resources to allow our website to embed content from other websites, for example, images, ads, and text.
Please enable Functional Cookies
You have disabled the Functional Cookies.
To complete the form and get in touch with us, you need to enable Functional Cookies.
Otherwise the form cannot be sent to us.
Subscribe to our newsletter and receive a bright and useful tutorial Explaining Information Security in 4 steps!
Subscribe to our newsletter and receive case studies in comics!