Former Cisco Engineer Gets Two Years for $2.4M WebEx Attack

Written by

A former Cisco engineer has been sentenced to 24 months behind bars after causing millions of dollars in damages and losses for his former employer.

Sudhish Kasaba Ramesh, 31, of San Jose, pleaded guilty back in August to one count of intentionally accessing a protected computer without authorization and recklessly causing damage to Cisco.

Ramesh resigned his job at the networking giant in April 2018 after working there for nearly two years.

However, for a reason not explained in the court documents, he unlawfully accessed Cisco cloud infrastructure in September 2018, deploying code which deleted 456 virtual machines supporting the WebEx Teams application for clients.

In fact, over 16,000 customer WebEx Teams accounts were shut down for two weeks as a result of his actions. Although no data was compromised in the operation, it is said to have resulted in Cisco spending $1.4 million on extra staff costs to remediate the issue and a further $1 million in compensation for customers.

Ramesh will also be forced to serve a one-year period of supervised release following his two year stint in prison and to pay a $15,000 fine.

According to Verizon, 30% of the breaches it analyzed earlier this year were linked to insider actions. However, most of these are thought to be the result of human error rather than malicious intent.

While malicious insider threats are relatively rare, they can be difficult to detect and prevent.

Back in 2018, it emerged that a disgruntled Tesla employee passed over for promotion caused “quite extensive and damaging sabotage” to the company’s systems.

According to an Accenture report last year, the cost of malicious insider threats jumped 15% from 2017 to reach $1.6 million.

What’s hot on Infosecurity Magazine?