[BreachExchange] Former Employee Admits Hacking, Damaging Cisco Systems

[Destry Winant]

https://www.securityweek.com/former-employee-admits-hacking-damaging-cisco-systems

A former Cisco employee has pleaded guilty to hacking charges related
to him accessing the networking giant’s systems and causing damage.

According to the U.S. Justice Department, 30-year-old Sudhish Kasaba
Ramesh worked for Cisco until April 2018. A few months after he
resigned from the company, he gained unauthorized access to Cisco’s
AWS cloud infrastructure and deployed code that caused over 450
virtual machines associated with the Cisco Webex Teams application to
be deleted.

Deleting the VMs resulted in more than 16,000 Webex Teams accounts
being shut down for up to two weeks. Cisco spent roughly $1.4 million
in employee time to respond to the incident and it had to refund over
$1 million to impacted customers, authorities said.

There was no indication that customer data was compromised as a result
of the incident. No information has been shared about the man’s
motives.

At the time of the incident, many Webex users complained about the
outage, but Cisco did not provide any information on its cause and
there was no indication that it was the result of external activity.

Ramesh was charged with one count of intentionally accessing a
protected computer without authorization and recklessly causing
damage. He has pleaded guilty and is set to be sentenced in December.
He has been released on a $50,000 bond.

Ramesh is based in San Jose, California, but court documents show the
man is from India and he is in the United States on an H1-B work visa.
He could be deported as a result of his actions, but court documents
claim his current employer, online personal styling service Stitch
Fix, “is willing to work with him regarding the possibility of his
remaining in the country and continuing to work for the company.”