It’s the fear that keeps every chief security officer awake at night. What happens if one of my employees turns rogue? Cisco faced this type of situation two years ago, and while the damage was done, the culprit has pleaded guilty. In a San Jose federal court, according to a press release from the Department of Justice, a former Cisco employee has pleaded guilty to a myriad of charges related to network tampering. Sudhish Kasaba Ramesh reached a plea deal with prosecutors (Susan Knight and Elise Etter) and admitted to his crimes that consisted of one count of “Intentionally Accessing a Protected Computer Without Authorization and Recklessly Causing Damage,” which is in direct violation of 18 U.S.C. §§ 1030(a)(5)(B) and (c)(4)(A)(i)(I).
While an employee of Cisco, Ramesh used his credentials in September 2018 (before leaving the company in April 2018) to illegally access the cloud infrastructure. The Department of Justice report states the following on what Ramesh specifically did while accessing it:
During his unauthorized access, Ramesh admitted that he deployed a code from his Google Cloud Project account that resulted in the deletion of 456 virtual machines for Cisco’s WebEx Teams application, which provided video meetings, video messaging, file sharing, and other collaboration tools. He further admitted that he acted recklessly in deploying the code, and consciously disregarded the substantial risk that his conduct could harm to Cisco.
The result of Ramesh’s actions was a severe financial and data loss for Cisco. More than 16,000 WebEx Teams accounts became disabled for half a month, and as a result, Cisco spent $1.4 million in employee time and more than $1 million in refunds to customers.
Sentencing for Sudhish Kasaba Ramesh will begin with a hearing scheduled for Dec. 9. The maximum sentence for this particular offense is five years in prison and a fine of $250,000.
This network tampering story may be over for Cisco. However, it is a lesson to security professionals and employers, proving just how much damage one disgruntled insider can do.
Featured image: Flickr / DennisM2