An IT Contractor, Deepanshu Kher was sentenced to two years in prison for accessing the server of a Carlsbad Company and deleting over 1,200 over the company’s 1,500 Microsoft User Accounts.
According to court documents, Kher was employed by an information technology consulting firm from 2017 through May 2018. In 2017, the consulting firm was hired by the Carlsbad Company to assist with its migration to a Microsoft Office 365 (MS O365) environment.
The consulting firm sent its employee, Kher, to the company’s Carlsbad headquarters to assist with the migration. The company was dissatisfied with Kher’s work and relayed their dissatisfaction to the consulting firm soon after Kher’s arrival.
In January 2018, the consulting firm pulled Kher from the company’s headquarters. A few months later, on May 4, 2018, the firm fired Kher, and a month after that, in June 2018, Kher returned to Delhi, India.
Hacking into the Company’s Server
Two months after his return to India, Kher hacked into the Carlsbad Company’s server and deleted over 1,200 of its 1,500 MS O365 user accounts.
The attack affected the bulk of the company’s employees and completely shut down the company for two days.
“The impact was felt inside and outside the company. Employees’ accounts were deleted – they could not access their email, their contacts lists, their meeting calendars, their documents, corporate directories, video and audio conferences, and the Virtual Teams environment necessary for them to perform their jobs”.
“Outside the company, customers, vendors and consumers were unable to reach company employees (and the employees were unable to reach them). No one could inform these buyers what was going on or when the company would be operational again”, explains the Company’s Vice President of IT.
Employees were not receiving meeting invites or cancellations, employees’ contacts lists could not be completely rebuilt, and affected employees could no longer access folders to which they previously had access.
The Carlsbad Company repeatedly handled multitudes of IT problems for three months.
The Vice President of IT says, “In my 30-plus years as an IT professional, I have never been a part of a more difficult and trying work situation.”
Deepanshu Kher was Sentenced Two Years in Prison
U.S. District Court Judge Marilyn L. Huff noted that Kher perpetrated a significant and sophisticated attack on the company, an attack which was planned and intended as revenge.
In addition to the two years in custody, Judge Huff sentenced Kher to three years supervised release and restitution to the Company of $567,084, the amount that the Company paid to fix the problems which Kher caused.
“This act of sabotage was destructive for this company,” said Acting U.S. Attorney Randy Grossman.
“Fortunately, the defendant’s revenge was short-lived and justice has been delivered.”, Grossman commended the excellent work of Assistant U.S. Attorney Alexandra F. Foster and the FBI agents on this case.
“We encourage companies to develop a relationship with the FBI and local law enforcement prior to a cybersecurity incident and incorporate it into incident response plans. In this case, the victim company’s swift notification and cooperation with the FBI contributed greatly to the successful outcome. Living in a digital world, it is important to get ahead of the threats, be proactive and predictive in the way we approach cybersecurity.”, said Suzanne Turner, Special Agent in Charge of FBI’s San Diego Field Office.
If victimized in a cybersecurity incident, the FBI encourages companies to immediately contact the FBI. Specialized cyber agents will work with companies to protect company information and the personal data of their customers.