An Indian national, Kandula Nagaraju, has been sentenced to two years and six months in jail for orchestrating a cyber attack that resulted in the deletion of 180 virtual servers belonging to his former employer, NCS. This act of revenge followed his termination from the company, costing NCS nearly SGD 918,000 (approximately Rs 5.66 crore).
Nagaraju, aged 39 and a former member of NCS’s quality assurance (QA) team responsible for testing new software, was dismissed in October 2022 due to poor performance. Despite feeling he had contributed significantly during his tenure, Nagaraju was reportedly confused and upset by his dismissal, prompting him to access NCS’s system from India using administrator credentials after returning home.
Between January 6 and January 17, 2023, and later in February 2023 while temporarily in Singapore, Nagaraju accessed the QA system multiple times. He experimented with computer scripts to gauge their capability to delete servers. The actual damage occurred in March 2023 when he systematically deleted 180 virtual servers over a two-day period, rendering the system inoperable and prompting NCS to launch an internal investigation.
Subsequent police investigations traced the sabotage back to Nagaraju through IP addresses linked to his actions. His laptop contained evidence of the destructive script and Google searches related to server deletion methods.
Despite knowing he lacked authorization to access the system after termination, Nagaraju proceeded with his actions, causing significant financial loss and operational disruption to NCS. The case underscores the serious consequences of unauthorized access and cyber attacks in corporate environments.
