FBI: Disgruntled admin deleted system info
A Georgia man who allegedly froze the operations of a New Jersey pharmaceutical company where he had worked by deleting portions of its computer network has been federally charged in connection with the attack.
Jason Cornish, 37, of Smyrna, GA, was arrested near his residence by special agents of the FBI on a complaint charging him with knowingly transmitting computer code with the intent to damage computers in interstate commerce, according to a statement from U.S. Attorney Paul J. Fishman, JD, of Atlanta.
"The computers on which companies do business are the engines of the 21st century economy," Fishman said. "Malicious intrusions are against the law, regardless of motive. Hacking attacks devised as personal revenge can have serious repercussions for perpetrators as well as victims."
According to the FBI, Cornish was an information technology employee at Shionogi, a U.S. subsidiary of a Japanese pharmaceutical company with operations in New Jersey and Georgia. In late September 2010, shortly after Cornish had resigned from Shionogi, the company announced layoffs that would affect Cornish's close friend and former supervisor.
In the early morning hours of Feb. 3, 2011, Cornish gained unauthorized access to Shionogi's computer network. Cornish used a Shionogi user account to access a Shionogi server. Once he accessed the server, Cornish took control of a piece of software that he had secretly installed on the server several weeks earlier.
Cornish then used the secretly installed software program to delete the contents of each of 15 "virtual hosts" on Shionogi's computer network. These 15 virtual hosts (subdivisions on a computer designed to make it function like several computers) housed the equivalent of 88 computer servers. Cornish used his familiarity with Shionogi's network to identify each of these virtual hosts by name or by its corresponding Internet Protocol (IP) address.
The deleted servers housed most of Shionogi's American computer infrastructure, including the company's e-mail and Blackberry servers, its order tracking system, and its financial management software. The attack effectively froze Shionogi's operations for several days, leaving company employees unable to ship product, cut checks, or communicate by e-mail.
The FBI's investigation revealed that the attack originated from a computer connected to the wireless network of a Smyrna McDonald's where Cornish had used his credit card to make a purchase minutes before the attack. Cornish also gained unauthorized access to Shionogi's network from his home Internet connection using administrative passwords to which he had access as an employee.
The count with which Cornish is charged carries a maximum potential penalty of 10 years in prison and a $250,000 fine.