The direct loss of the former Cisco employee’s deletion of the database after leaving the company reaches 2.4 million US dollars


The U.S. Attorney’s Office and the Federal Bureau of Investigation issued an announcement on August 26, local time, stating that former Cisco employee Sudhish Kasaba Ramesh pleaded guilty in the San Jose Federal Court that day, admitting that he had illegally invaded Cisco’s cloud infrastructure and destroyed a large number of resources, causing difficulties. Loss recovered. Sudhish Kasaba Ramesh worked at Cisco from July 2016 to April 2018.
(From: US DoJ)

On September 24, 2018, five months after leaving his job, Ramesh accessed Cisco’s cloud infrastructure hosted on Amazon Web Services without permission. He deployed a piece of code from his Google Cloud project account, which caused 456 virtual machines for the WebEx Teams application to be deleted. WebEx Teams is a popular collaboration office software from Cisco. The application provides video conferencing, video messaging, file sharing, and other collaboration tools.

When Ramesh pleaded guilty, he stated that he “behaved recklessly when deploying code and deliberately ignored the huge risk of harm to Cisco.

Due to Ramesh’s actions, more than 16,000 WebEx Teams accounts were closed for up to two weeks, causing Cisco to spend approximately $1.4 million in staff time to restore the application and refund more than $1,000,000 to affected customers.

Currently, the incident has not caused any leakage of customer data. Ramesh is accused of violating section 1030(a)(5)(B) and (c)(4)(A)(i)(I) of Title 18 of the United States Code, “intentional unauthorized access to a protected computer And cause damage recklessly”. The maximum statutory penalty for this crime is 5 years in prison and a fine of $250,000.

The defendant Ramesh himself is on bail. The bail is $50,000. The sentencing hearing is scheduled to be held in the San Jose court in the United States on December 9, 2020.

Regarding this incident, Cisco stated that it “ensures that no customer information has been leaked, and has implemented other protective measures. Thanks to law enforcement agencies for bringing it to justice, and we believe it can prevent (such incidents) from happening again.”