Revenge Of The Fired: Indian Ex-Employee Hacks Singapore Firm, Wipes Critical Data

An Indian national, Kandula Nagaraju, 39, was sentenced to two years and six months in jail for unauthorized access to computer material, during which he deleted 180 virtual servers, causing his employer a loss of SGD 918,000 (USD 678,000). Another charge was considered during Kandula’s sentencing. He was “upset” after being fired by NCS in […]

by Vishakha Bhardwaj - June 15, 2024, 3:46 pm

An Indian national, Kandula Nagaraju, 39, was sentenced to two years and six months in jail for unauthorized access to computer material, during which he deleted 180 virtual servers, causing his employer a loss of SGD 918,000 (USD 678,000).

Another charge was considered during Kandula’s sentencing. He was “upset” after being fired by NCS in October 2022 for poor performance, with his employment ending on November 16, 2022.

From November 2021 to October 2022, Kandula was part of a 20-member team managing the quality assurance (QA) computer system at NCS, which provides information communication and technology services. The system, used to test new software and programs before launch, consisted of about 180 virtual servers that did not store any sensitive information.

Channel News Asia reported that Kandula felt “confused and upset” upon being fired, believing he had performed well and “made good contributions” to NCS during his tenure.

After his termination, Kandula returned to India without securing another job in Singapore. From there, he used his laptop to gain unauthorized access to NCS’s system using administrator login credentials on six occasions between January 6 and January 17, 2023.

In February, Kandula returned to Singapore after finding new employment. He rented a room from a former NCS colleague and used their Wi-Fi network to access NCS’ system once on February 23, 2023.

During these unauthorized accesses, Kandula wrote scripts to test their ability to delete the servers. In March 2023, he accessed NCS’ QA system 13 times. On March 18 and 19, he executed a script to delete all 180 virtual servers, designed to remove the servers one by one.

The next day, NCS discovered the system was inaccessible. After troubleshooting, they realized the servers had been deleted. A police report was filed on April 11, 2023, with IP addresses from the internal investigation provided to the authorities.

The police seized Kandula’s laptop, finding the deletion script used. Investigations showed that Kandula had searched Google for scripts to delete virtual servers, which he then adapted.

Knowing he was unauthorized to access the system after his employment ended, Kandula’s actions resulted in a loss of SGD 917,832 for NCS.