Disgruntled employee who wiped company’s servers gets 2.5 years jail time

A former quality assurance (QA) employee at National Computer Systems (NCS), a major IT firm in Singapore, was sentenced to two years and eight months in prison for deleting 180 virtual servers.

Nagaraju Kandula, 39, was let go from NCS in November 2022 due to poor performance. However, the company failed to deactivate his access credentials, an oversight that allowed Kandula to exploit his former employer's systems for months afterward.

News reports indicate Kandula accessed NCS systems on multiple occasions between January and March 2023. During this period, he tested scripts designed to erase virtual servers used by the QA team. On March 18-19, his efforts succeeded and he deployed the destructive script that wiped out 180 virtual servers and caused an estimated $678,000 in damages.

The attack rendered the deleted servers unrecoverable, prompting NCS to involve the police. On April 11, 2023, investigations led the police to an IP address associated with Kandula which prompted an arrest and confiscation of his laptop.

The malicious script used to wipe the servers was found on Kandula’s laptop and upon further examination, it was found that he had used online searches to develop the script. This was the final blow needed to close the case and sentence Kandula to jail time.

While NCS assures no sensitive information was compromised, this incident serves as a stark reminder for companies to tighten security protocols. Promptly terminating access for ex-employees and resetting passwords for all administrative accounts are essential safeguards.

A similar case was reported earlier this year when a former Cisco engineer pleaded guilty to deploying code that deleted 456 virtual machines and led to the shutdown of more than 16,000 WebEx Teams accounts.