The ex-employee executed a programmed script to methodically delete 180 virtual servers.
Story continues below Advertisement Remove AdNagaraju had been part of a 20-member team responsible for managing NCS's QA system, which was used to test new software and programs.
Between January 6 and January 17, 2023, Nagaraju gained access to the system six times from India.
During his unauthorised access, Nagaraju experimented with computer scripts to test their capability to delete servers.
Nagaraju’s laptop was seized, revealing the destructive script and evidence of Google searches on how to delete virtual servers.
The ex-employee executed a programmed script to methodically delete 180 virtual servers. (Representational)
An Indian national has been sentenced to two years and six months in jail for unauthorised access to computer material that resulted in the deletion of 180 virtual servers, costing his former employer, NCS, nearly SGD 918,000 (Rs 5.66 crore), in an act of revenge for firing him.
Kandula Nagaraju, 39, the former employee of NCS, a prominent information communication and technology services provider, was found guilty of orchestrating a cyber-attack on the company's quality assurance (QA) system following his termination.
Story continues below Advertisement Remove Ad
Nagaraju had been part of a 20-member team responsible for managing NCS's QA system, which was used to test new software and programs. Although the system contained no sensitive information, its disruption had significant operational and financial repercussions.
Despite believing he had made "good contributions" during his tenure, Nagaraju was dismissed in October 2022 due to poor performance, with his employment officially ending on November 16, 2022.
According to court documents, Nagaraju was "confused and upset" by his dismissal. Lacking immediate employment in Singapore, he returned to India, where he accessed NCS's system unauthorisedly using administrator credentials. Between January 6 and January 17, 2023, Nagaraju gained access to the system six times from India.
In February 2023, after securing a new job, Nagaraju returned to Singapore and stayed with a former NCS colleague, using their Wi-Fi network to access the system again on February 23, 2023. During his unauthorised access, Nagaraju experimented with computer scripts to test their capability to delete servers.
The real damage was inflicted in March 2023 when Nagaraju accessed NCS's QA system 13 times, culminating in a two-day spree on March 18 and 19 during which he executed a programmed script to methodically delete 180 virtual servers. The deletions rendered the system inaccessible the following day, leading NCS to initiate an internal investigation.
By April 11, 2023, a police report was filed, and subsequent investigations led to the identification of several IP addresses linked to the sabotage. Nagaraju’s laptop was seized, revealing the destructive script and evidence of Google searches on how to delete virtual servers.
Story continues below Advertisement Remove Ad
Despite knowing he was not authorised to access the system after his employment ended, Nagaraju proceeded with his actions, causing a loss of SGD 917,832 to NCS.
"Mr. Nagaraju was aware of his lack of authorization and still chose to access the system, resulting in substantial financial loss and operational disruption," stated the prosecuting attorney on Monday.
