A 40-year-old man who pleads guilty to interfering with his former employer’s computer system in a U.S. district court could face up to 10 years in prison.
Casey K Umetsu of Honolulu, Hawaii, deliberately misdirected the financial company’s email traffic and prevented her from accessing the financial company’s website after an unsuccessful attempt to convince a customer to get a higher salary and hire him again. pleaded guilty to one charge.
Umetsu, who worked in the IT department of a well-known Hawaii-based company between 2017 and 2019, used the credentials of her former employer to access a domain registrar and deliberately changed the company’s DNS records to specify the wrong path, a court found. acknowledged in Your company’s web and email traffic.
as the Ministry of Justice ExplicateUmetsu further blocked the company’s domain name registrar account, making the damage irreversible for several days.
Of course, Umetsu could easily recover from the damage at any time, but he was waiting for his former employer to turn to him for help and offer him a higher salary than he had previously enjoyed.
Instead, the company decided to contact the FBI.
U.S. Attorney Clare E. Connors said, “Umetsu criminally abused the special access granted him by his employer to disrupt the operation of the network. “People who compromise the security of computer networks, whether governments, businesses, or individuals, will be investigated and prosecuted, including technical personnel to whom the victim has granted access.”
Listening to the sound, the problem here is easy to understand, but it’s all too common in many work environments. When someone leaves their job, you must ensure that any passwords they previously had access to will no longer work.
Even if someone leaves the company on good terms, don’t forget to erase your login credentials and information that others knew.
A disgruntled former employee Block the entire city from the network, intentionally planting malicious codeor Replace CEO’s presentation with pornographyThe consequences can be serious.
Casey Umetsu is due to be sentenced on January 19, 2023. According to the sentencing guidelines, he faces up to 10 years in prison, a fine of up to $250,000, and up to three years of supervisory release.
After that, most likely no one will trust him again by administering the IT network or using passwords for key parts of the infrastructure.
Editor’s note: The opinions expressed in this guest author article are solely those of the contributors and do not necessarily reflect those of Tripwire, Inc.