SoylentNews is people
SoylentNews
from the credentials-still-worked-FIVE-MONTHS-after-he-left? dept.
Sudhish Kasaba Ramesh, who worked at Cisco from July 2016 to April 2018, admitted in a plea agreement with prosecutors that he had deliberately connected to Cisco's AWS-hosted systems without authorization in September 2018 – five months after leaving the manufacturer. He then proceeded to delete virtual machines powering Cisco's WebEx video-conferencing service.
"During his unauthorized access, Ramesh admitted that he deployed a code from his Google Cloud Project account that resulted in the deletion of 456 virtual machines for Cisco's WebEx Teams application, which provided video meetings, video messaging, file sharing, and other collaboration tools," the US Attorney's Office for the Northern District of California said in a statement.
According to prosecutors, Ramesh's actions resulted in the shutdown of more than 16,000 WebEx Teams accounts for up to two weeks, which cost Cisco roughly $1.4m in employee time for remediation and over $1m in customer refunds.
[...] According to a court document[*], Ramesh is in the US on an H-1B visa and has a green card application pending.
[...] Ramesh faces up to five years in the clink and a fine of $250,000 when he is sentenced, an event scheduled for December.
[*] STIPULATION AND (PROPOSED) ORDER CONTINUING DATE FOR ENTRY OF PLEA AGREEMENT (PDF)
(Score: 2) by GlennC on Monday August 31 2020, @01:33PM (9 children)
To me, both parties made mistakes.
Cisco should have disabled Ramesh's accounts immediately after his employment ended.
Ramesh should also have deleted any login credentials on his systems.
However, given that Ramesh is a "foreigner," and Cisco is "an upstanding American company," guess who's going to end up taking the fall?
Sorry folks...the world is bigger and more varied than you want it to be. Deal with it.
(Score: 0) by Anonymous Coward on Monday August 31 2020, @03:12PM (2 children)
Iran?
(Score: 0) by Anonymous Coward on Monday August 31 2020, @06:58PM (1 child)
No, obviously it's China's fault, because everything bad that happens is their fault.
TRDT
(Score: 0) by Anonymous Coward on Tuesday September 01 2020, @04:00AM
TRDT?? Probably not Tag Rugby Development Trust
(Score: 3, Insightful) by Grishnakh on Monday August 31 2020, @03:25PM (5 children)
Cisco should have disabled Ramesh's accounts immediately after his employment ended.
Ramesh should also have deleted any login credentials on his systems.
If Ramesh had deleted login credentials, he wouldn't have been able to log in and trash stuff. Why would he want to do this?
This is like blaming the ex-employee of a bank for coming in, using the safe combination that he remembers from when he worked there, and stealing all the bank's cash. Who's really to blame? The ex-employee? No, because if you trusted everyone to not ever steal anything, then we wouldn't need safes and locks and banks could just leave their doors unlocked and cash lying around. The bank is to blame for having shitty security. Of course, the ex-employee should be *prosecuted*, but the *blame* falls on the bank here. The bank is the one that needs to be sued, because it had a duty to protect the customers' money, and it failed due to negligence.
(Score: 2) by GlennC on Monday August 31 2020, @03:38PM (1 child)
Perhaps to avoid potential liability? I would mention professional courtesy, but that appears to be beyond the capacity of many these days.
Sorry folks...the world is bigger and more varied than you want it to be. Deal with it.
(Score: 2) by Grishnakh on Monday August 31 2020, @11:35PM
For normal people, sure, but obviously this guy had it out for Cisco, so why would he want to delete his login credentials if it means he can't trash their data and cause millions in damages (allegedly)?
Your post seems to me like thinking a hit man should just get rid of his gun.
(Score: 3, Interesting) by Anonymous Coward on Monday August 31 2020, @05:28PM (2 children)
Cisco has aweful history of treating employees and half of the shit they fling is borderline illegal which is why they require H1Bs. A junior of mine had a job of administration their Jenkins server running over kubernetes. He triggered a clone of a node and for some reason that triggered an alert. It was pretty much his job and he had taken approval from the management etc. Of course. Guess who got involved? The legal department. The Cisco HR contacted him for explanation, asked him to share his personal gmail login and password. He naively shared without, and lost complete access to his email that is linked to Facebook, bank, tax authority etc.
I mean, we can all read that and think of a couple of mistakes he did but what would we have actually done in his place, probably not too different - because we think USA is better because it has rule of law.
A harsh lesson but the point is, Cisco has history of shitting over employees and naturally has attracted smart shitty characters in its positions of power. I am sorry for Ramesh. He has done more hard work and sacrificed more than most of the people complaining about H1B, but some things, like race gender and parents economic condition don't completely go away.
(Score: 2) by inertnet on Monday August 31 2020, @08:18PM
I was going to say that he'll never be able to get an honest job for the rest of his life, but (from TFA):
(Score: 1) by khallow on Wednesday September 02 2020, @05:19AM
My take is that once you get larger than a small tribe a place with rule of law will be better than a place without rule of law. It's that much better than its absence. People forget the European problem that led to the development of the concept of rule of law. Once you no longer have formal regulations that apply to everyone with well understood law creation, the powerful just make up their own rules on the fly.