14 DAY TRIAL // A disgruntled IT administrator has admitted crippling the communication infrastructure of his former employer, pharmaceutical company Shionogi, after being laid off.
Jason Cornish, 37, of Georgia, worked full time for Shionogi's US subsidiary until July 2010 when he had a dispute with one of the company's senior managers.
The company continued to employ him as a consultant because of his knowledge abouts its computer systems and network.
However, in September 2010, pressured by financial problems, Shionogi performed a round of layoffs and also ended Cornish's contract.
Over the course of the following months, the IT admin logged in back into the company's network multiple times using old credentials and gained a foothold on its computers.
He installed the vSphere management console software and on February 3, 2011, connected through a McDonald's free Wi-Fi, he deleted 15 VMWare virtual hosts equivalating to 88 different servers.
The servers were responsible for running the company's email, BlackBerry, order tracking and other services. The incident cost the pharmaceutical company $800,000.
"The February 3 attack effectively froze Shionogi's operations for a number of days, leaving company employees unable to ship product, to cut checks, or even to communicate via email," the prosecutors wrote in their complaint.
Cornish pleaded guilty to ten separate counts of computer intrusion and faces a maximum sentence of ten years in prison plus a hefty fine. His sentencing is scheduled for November.
"Once again, businesses need to be reminded of the importance of reviewing what users have access to your systems, and that changing passwords and resetting access rights is essential when a member of your staff leaves your employment," writes Graham Cluley, a security expert from Sophos.
"People do, of course, leave jobs all the time and most of them would never dream of logging back in to their old place of work. But it only takes one bad apple to wreak havoc - so make sure your defences are in place, and that only authorised users can access your sensitive systems," he adds.