IT worker pleads guilty to crippling ex-employer's network

Share this article:

A former IT worker pleaded guilty in federal court Tuesday to launching an attack that crippled his ex-employer's computer network and caused the company hundreds of thousands of dollars in damages.

Jason Cornish, 37, of Smyrna, Ga., faces up to 10 years in prison and a $250,000 fine for breaking into the  network of Shionogi, the U.S.-based subsidiary of a Japanese pharmaceutical company, and deleting the contents of 15 virtual hosts that housed the equivalent of 88 servers, U.S. prosecutors said in a news release Tuesday.

Cornish, who began working for Shionogi in 2009, but quit the following year after a dispute with a senior manager, carried out the cyber assault after a close friend was fired from the company, prosecutors said.

According to court documents, Cornish launched the attack in the early morning hours of Feb. 3 over the Wi-Fi network of a McDonald's in Smyrna. He used legitimate user credentials to gain access to a company server, and then, one by one, deleted the contents of each virtual host on Shionogi's networks. To delete the hosts, he used a program, vSphere, that he planted on the server several weeks earlier.

The deleted servers housed most of Shionogi's computer infrastructure, including its email and BlackBerry servers, order tracking system and financial management software, according to the U.S. Justice Department.

“The attack effectively froze Shionogi's operations for a number of days, leaving company employees unable to ship product, cut checks or communicate by email,” the release said.

In its investigation, FBI agents examined firewall logs that were not affected by attack and traced the activity back to a computer connected to the free network at the McDonald's. Agents discovered that Cornish had used his credit card at the restaurant to make a purchase just minutes before the attack.

In total, Shionogi incurred $300,000 in damages responding to the attack, conducting damage assessments and restoring its network, prosecutors said. Cornish is scheduled to be sentenced on Nov. 10.

Share this article:

Sign up to our newsletters

More in News

New backdoor 'Baccamun' spreads through ActiveX exploit

Symantec researchers revealed that the backdoor is dropped after attackers exploit a Windows ActiveX vulnerability.

Outdated browsers put U.K. users at risk of malware

A blog post on Check and Secure website said 70 percent of U.K. users haven't fully updated their internet browsers

Survey: 53 percent change privileged logins quarterly

A Lieberman Software survey highlights the issue or poor password management, even among security pros.