‘Human oversight’ enabled fired NCS employee to access company system and delete servers

SINGAPORE: &nbsp, A “human oversight” enabled a former NCS employee to enter its computer system even after he was fired, as his access was not immediately terminated, the infotech company told CNA on Wednesday ( Jun 12 ).

Kandula Nagaraju, 39, was given a two-year, eight-month prison sentence on Monday for the crime of unauthorized access to computer files. &nbsp,

Upset about being fired, he&nbsp, accessed the bank’s computer system several times using the executive registration qualifications. A trained text was later used to remove 180 virtual machines.

In response to CNA’s queries, NCS said this was an “isolated incident” involving a former contract employee who had been part of a team managing the&nbsp, quality assurance ( QA ) computer system at NCS.

This Testing system includes a test environment where all new applications and programs are thoroughly tested before being released. &nbsp,

” Due to a human oversight in administering the standalone test environment, the perpetrator’s access to the test environment was n’t terminated immediately upon departure from the company”, said NCS.

” When the illegal entry was discovered, all admittance was quickly terminated, and a policeman report filed”.

Bad WORK PERFORMANCE

Between November 2021 and October 2022, Kandula was a part of a 20-person crew that oversaw the QA computer program at NCS. &nbsp,

No delicate data was stored on the 180 online servers that made up the system. &nbsp,

His national last day of work was November 16, 2022, and his deal with NCS was terminated in October 2022 as a result of bad work efficiency.

According to court papers, he felt” confused and upset” when he was fired as he felt he had performed well and “made good efforts” to NCS during his career.

Between January 6 and January 17, 2023, he returned to India where he used his laptop, which he had previously used, to gain illegal access to the system six times.

Kandula returned to Singapore in February of that year after landing a new career. On February 23, 2023, he rented a room with a previous NCS colleague and accessed NCS’ system again through his Wi-Fi network.

He wrote some computer code to see if they could be used on the method to remove the servers during the two months of unauthorised access. &nbsp,

In March 2023, he accessed NCS ‘ QA program 13 days. On Mar 18 and 19, he ran a programmed script to remove 180 online servers in the program. His script was written to automatically remove the servers at once.

The police seized Kandula’s notebook in April, and the&nbsp, text used to carry out the removals, was discovered on it.

Studies revealed that he had searched on Google for code to remove online machines, which he then used to code the text.

He was always conscious that he was unfit to access the system after his career with NCS ended. As a result of his deeds, NCS suffered a reduction of S$ 917, 832. &nbsp,

On Wednesday, NCS stated that it has implemented strict procedures and settings, and that it will continue to monitor and improve them.

Although this is a one-time affair, NCS has a zero tolerance policy against such wrongdoing, and it expects all employees to perform their duties with integrity and honesty, it continued.