Ex-employee of major South-East Asian IT firm jailed after he brings down its test servers — with scripts found on Google

(Image credit: Shutterstock)

An Indian national formerly employed in Singapore by the information technology (IT) services firm National Computer Systems (NCS) has been handed a custodial sentence for deleting all 180 of its test servers with scripts that he found on Google and then “perfected”.

The story (via Tom’s Hardware) says Kandula Nagaraju, 39, disagreed with his being fired for poor performance from NCS’ Quality Assurance (QA) department, concerned with testing new apps, and exploited the fact that his colleagues and superiors left his access credentials active to remotely wipe servers in a plan hatched from January through March 2023.

The affected servers, NCS says, were devoted to internal app testing, and so no sensitive customer data was lost in the attack. Tom’s Hardware wrote recovery of the servers cost roughly S$678,000, but didn’t share specific details on how this was done.

Access credentials and data loss

If we had to guess, the colossal scale of data lost in the attack (and the stretch of time that Nagaraju spent honing and testing the scripts) meant that data recovery software probably wouldn’t cut it. Perhaps some consultants charging an eye-watering fee had disk images for the servers lying around.

It’s a bit like a film, the way Tom’s tells it: the QA team found that all of their test servers had been wiped in the space of one morning on March 20 2023.

Though Nagaraju managed to evade detection while he continued to abuse his login credentials and obliterate servers, he’s no evil genius: Singaporean police managed to track him via IP addresses submitted to them by his former employer, cease his laptop, and find the offending scripts. 

He apparently couldn’t even be bothered to delete his browser history, putting him bang to rights for ripping them off the internet.

Speaking to Channel News Asia (CNA), a NCS spokesperson claimed that Nagaraju’s access credentials remained active due to ‘human oversight’. 

That’s all well and good, but you’d think an IT firm would keep a closer eye on servers vital to the operation of an entire department, especially when CNA also reported that NCS suffered a total loss of S$917,832 thanks to their rogue ex-employee.

But it’s not all bad. Once Nagaraju gets out of prison, he probably has a shining future ahead of him in vulnerability testing.

More from TechRadar Pro

Luke Hughes
Staff Writer

 Luke Hughes holds the role of Staff Writer at TechRadar Pro, producing news, features and deals content across topics ranging from computing to cloud services, cybersecurity, data privacy and business software.