Cisco engineer resigns then nukes 16k WebEx accounts, 456 VMs
Sergiu Gatlan - 28/Aug/2020
Sergiu Gatlan - 28/Aug/2020
[SHOWTOGROUPS=4,20,22]
A former Cisco employee pleaded guilty to accessing the company's cloud infrastructure in 2018, five months after resigning, to deploy code that led to the shut down of more than 16,000 WebEx Teams accounts and the deletion of 456 virtual machines.
According to a plea agreement filed on July 30, 2020, 30-year-old Sudhish Kasaba Ramesh accessed Cisco's cloud infrastructure hosted on Amazon Web Services without permission on September 24, 2018 — he resigned from the company in April 2018.
"During his unauthorized access, Ramesh admitted that he deployed code from his Google Cloud Project account that resulted in the deletion of 456 virtual machines for Cisco’s WebEx Teams application, which provided video meetings, video messaging, file sharing, and other collaboration tools," a press release issued by the U.S. Attorney’s Office for the Northern District of California Для просмотра ссылки Войдиили Зарегистрируйся.
As a direct result of this, more than 16,000 WebEx Teams accounts were also shut down for approximately two weeks forcing Cisco to spend more than $2,400,000 in customer refunds and employee time needed to restore the damage caused by Ramesh.
However, as the prosecutors explained in the press release, no customer data was compromised because of the defendant's actions.
Ramesh also admitted that his actions were reckless and that he also consciously ignored the substantial risk and damage deleting the virtual machines would cause.
"Cisco addressed the issue in September 2018 as quickly as possible, ensured no customer information was lost or compromised and implemented additional safeguards," Cisco said in a statement.
"We brought this issue directly to law enforcement and appreciate their partnership in bringing this person to justice. We are confident processes are in place to prevent a recurrence."
Faces five years in prison and deportation
He was released on bond with a bail set at $50,000 after being charged with a count of Intentionally Accessing a Protected Computer Without Authorization and Recklessly Causing Damage.
In an email to counsel, Ramesh also said that he submitted his passport and he is not a flight risk until the sentencing hearing scheduled for December 9, 2020.
If found guilty, Ramesh faces a maximum statutory penalty of five years imprisonment and a $250,000 fine.
At the moment, the defendant has a green card application pending and is in the United States on an H1 visa, and, if found guilty, he also faces deportation to his native country of India.
"Although he and his employer recognize that his guilty plea, in this case, may have immigration consequences, up to and including deportation, his employer (Stitch Fix) is willing to work with him regarding the possibility of his remaining in the country and continuing to work for the company," court documents Для просмотра ссылки Войдиили Зарегистрируйся.
[/SHOWTOGROUPS]
A former Cisco employee pleaded guilty to accessing the company's cloud infrastructure in 2018, five months after resigning, to deploy code that led to the shut down of more than 16,000 WebEx Teams accounts and the deletion of 456 virtual machines.
According to a plea agreement filed on July 30, 2020, 30-year-old Sudhish Kasaba Ramesh accessed Cisco's cloud infrastructure hosted on Amazon Web Services without permission on September 24, 2018 — he resigned from the company in April 2018.
"During his unauthorized access, Ramesh admitted that he deployed code from his Google Cloud Project account that resulted in the deletion of 456 virtual machines for Cisco’s WebEx Teams application, which provided video meetings, video messaging, file sharing, and other collaboration tools," a press release issued by the U.S. Attorney’s Office for the Northern District of California Для просмотра ссылки Войди
As a direct result of this, more than 16,000 WebEx Teams accounts were also shut down for approximately two weeks forcing Cisco to spend more than $2,400,000 in customer refunds and employee time needed to restore the damage caused by Ramesh.
However, as the prosecutors explained in the press release, no customer data was compromised because of the defendant's actions.
Ramesh also admitted that his actions were reckless and that he also consciously ignored the substantial risk and damage deleting the virtual machines would cause.
"Cisco addressed the issue in September 2018 as quickly as possible, ensured no customer information was lost or compromised and implemented additional safeguards," Cisco said in a statement.
"We brought this issue directly to law enforcement and appreciate their partnership in bringing this person to justice. We are confident processes are in place to prevent a recurrence."
Faces five years in prison and deportation
He was released on bond with a bail set at $50,000 after being charged with a count of Intentionally Accessing a Protected Computer Without Authorization and Recklessly Causing Damage.
In an email to counsel, Ramesh also said that he submitted his passport and he is not a flight risk until the sentencing hearing scheduled for December 9, 2020.
If found guilty, Ramesh faces a maximum statutory penalty of five years imprisonment and a $250,000 fine.
At the moment, the defendant has a green card application pending and is in the United States on an H1 visa, and, if found guilty, he also faces deportation to his native country of India.
"Although he and his employer recognize that his guilty plea, in this case, may have immigration consequences, up to and including deportation, his employer (Stitch Fix) is willing to work with him regarding the possibility of his remaining in the country and continuing to work for the company," court documents Для просмотра ссылки Войди
[/SHOWTOGROUPS]