An angry IT specialist went on a “deleting spree” at the Japanese pharmaceutical company Shionogi in the United States. He destroyed important data and provoked chaos for a few days at the company, underlining the growing threat of electronic insider attacks.
Jason Cornish had been working with the company until July 2010 when he had a dispute with a top manager. He is accused that in January he accessed Shionogi’s computers at least 20 times and installed virtual management software without the company knowing or approving this.
The next month, on Feb. 13, he logged into the company’s network and deleted 15 virtual hosts and their contents, the approximate equivalent of 88 computer servers, according to Shionogi. The result was that the company’s activities were frozen for "a number of days, leaving employees unable to ship products, to cut checks or even communicate via email". The damage was estimated at $800,000.
Cornish expects a conviction in November and risks a maximum of 10 years in prison.
The incident shows how vulnerable virtualization infrastructure, as well as cloud computing, can be, security experts say. Moreover, the insider attacks are a rising problem. A recent NetIQ survey of 200 security executives showed that almost three quarters of them (72 percent) have experienced insider data theft at least once in the past two years.