Kandula Nagaraju, a 39-year-old Indian citizen who worked for NCS (National Computer Systems) in Singapore, was sentenced to two years and eight months in prison after a court found him guilty of unauthorized access to computers. As reported by CNAKandula accessed his former employer’s systems for several months after he was fired. He «amused himself» by deleting the company’s test servers. In one night, he deployed scripts that resulted in the complete removal of all 180 servers.
NCS is a large company headquartered in Singapore that provides IT services in Southeast Asia. It is also represented in Australia, Hong Kong, China and India and employs more than 13 thousand people. Kandula Nagaraju worked in a computer-based quality assurance system, he and his team used test servers to run programs before they were deployed to customers.
Kandula’s contract was terminated in October 2022, allegedly due to poor performance. He was embarrassed and upset by the dismissal because he thought he was doing a good job in his position. After that, he did not find another job in Singapore, so he left the state and returned to his country.
Kandula found that his credentials were still active and he had access to the servers. Between January and March 2023, he hatched a plan to take revenge on his former employer. During this time, he searched Google for server removal scripts and eventually started testing them on NCS servers.
None of his former teammates were aware of this, which allowed him to access the system more than 13 times in March 2023 alone. It was during this time that he improved and hid the scripts. Finally, on March 18 and 19, he activated the deletion of the servers one by one to avoid arousing suspicion. When the NCS QA team logged in on March 20, they found that their test servers were inaccessible.
NCS claims that the test servers were standalone systems used for new programs. It also said that no confidential information was stored on them, so company and customer data remained safe. However, it cost the company approximately $678,000 to remedy the situation.
The company reported the incident to the police in April 2023. After Kandula returned to Singapore in February 2023, the police tracked his whereabouts using the IP addresses provided by the company and seized his laptop. That’s when they found the scripts he used on NCS servers, as well as his Google search history.