SoylentNews is people
SoylentNews
from the credentials-still-worked-FIVE-MONTHS-after-he-left? dept.
Sudhish Kasaba Ramesh, who worked at Cisco from July 2016 to April 2018, admitted in a plea agreement with prosecutors that he had deliberately connected to Cisco's AWS-hosted systems without authorization in September 2018 – five months after leaving the manufacturer. He then proceeded to delete virtual machines powering Cisco's WebEx video-conferencing service.
"During his unauthorized access, Ramesh admitted that he deployed a code from his Google Cloud Project account that resulted in the deletion of 456 virtual machines for Cisco's WebEx Teams application, which provided video meetings, video messaging, file sharing, and other collaboration tools," the US Attorney's Office for the Northern District of California said in a statement.
According to prosecutors, Ramesh's actions resulted in the shutdown of more than 16,000 WebEx Teams accounts for up to two weeks, which cost Cisco roughly $1.4m in employee time for remediation and over $1m in customer refunds.
[...] According to a court document[*], Ramesh is in the US on an H-1B visa and has a green card application pending.
[...] Ramesh faces up to five years in the clink and a fine of $250,000 when he is sentenced, an event scheduled for December.
[*] STIPULATION AND (PROPOSED) ORDER CONTINUING DATE FOR ENTRY OF PLEA AGREEMENT (PDF)
(Score: 5, Insightful) by bzipitidoo on Monday August 31 2020, @10:13AM
Yeah, this story raises my suspicions about a number of things. First, I'm guessing Cisco is engaging in the tradition of scapegoating. They screwed up. Big. Now, they're trying to blame it all on a former employee, and are seeking extreme punishment. There's no excuse for anyone to have that much access 5 months after they have left. I also question why Cisco's systems were ever set up with what seems a near single point of failure. Why did one person ever have that much power over so many systems, even when they were employed there? Also, is it so hard to set up new systems? Restore from backups, that is hard now? Where is their failover? Their secure backups? This is fricking Cisco, too. Majorly embarrassing to be caught living dangerously with their data. What is this saying, that the cloud isn't the answer to data safety after all?
Next, are Cisco's claims of millions in damages to be believed? 16000 accounts, too. That sounds like hysterical exaggeration of the alleged damages, to smear the defendant as an even eviler hacker. One thing I have seen over and over is that hackers scare normies witless. That's why they threaten the accused with prison time. They're trying to make an example of him, to give hackers more to think about. Meanwhile, the far right wackos committing real violence and bloodshed are not even being charged.
If the former employee did access systems, that alone was a damn fool thing to do. Then to engage in a little digital vandalism was far, far worse. No matter how much the former employee deserves to be vandalized, it's not worth it.