An Indian national, Kandula Nagaraju, was sentenced to two years and six months in prison by a Singapore court for unauthorized access to his former employer’s computer system, leading to significant financial losses. Kandula, 39, had gained access to his ex-employer NCS’ system and deleted 180 virtual servers, causing damages estimated at SGD 918,000 (USD 678,000).
The court handed down the sentence on Monday after Kandula was convicted of one charge of unauthorized access to computer material. A second charge was taken into consideration during sentencing. The cyber breach occurred following Kandula’s dismissal from NCS, where he had worked as part of a 20-member team responsible for managing the quality assurance (QA) computer system.
Dispute after dismissal
Kandula had been employed by NCS, a company offering information communication and technology services, from November 2021 to October 2022. His role involved testing new software and programs on the QA system, which consisted of approximately 180 virtual servers. The system, while critical for NCS operations, did not contain sensitive information.
Kandula was dismissed from NCS in October 2022 due to poor work performance, which left him “upset and confused,” according to court documents. He felt that his work had been satisfactory and that he had contributed positively to the company. Kandula’s employment officially ended on November 16, 2022, but the emotions surrounding his termination led him to act against his former employer.
Cyber attack from India
After his dismissal, Kandula returned to India, where he used his personal laptop to gain unauthorized access to NCS’ system. He accessed the system using administrator credentials on six occasions between January 6 and January 17, 2023. Despite his employment having ended, Kandula still possessed login information, which enabled him to execute the cyber attack remotely.
Kandula eventually returned to Singapore in February 2023 after securing new employment. He rented a room from a former colleague and, using the Wi-Fi network there, accessed NCS’ system once again. On February 23, 2023, he logged into the QA system unauthorized.
Systematic deletion of servers
Over the course of March 2023, Kandula accessed NCS’ QA system 13 more times. On March 18 and 19, he deployed a programmed script designed to delete the 180 virtual servers one by one. Court documents revealed that Kandula had searched for and modified scripts online, which he then used to systematically wipe out the servers.
On March 20, 2023, NCS’ IT team realized that the system had become inaccessible. After extensive troubleshooting failed to restore access, the team discovered that the servers had been deleted. NCS filed a police report on April 11, 2023, and subsequent investigations traced the unauthorized activity back to Kandula.
Legal consequences
Singapore police seized Kandula’s laptop, which contained the script used in the cyber attack. Investigations confirmed that Kandula had been aware that he was not authorized to access NCS’ system after his employment ended.
Kandula’s actions caused significant financial damage to NCS, totaling SGD 917,832. For his unauthorized access and malicious deletion of the virtual servers, he was sentenced to two years and six months in jail.