A Georgia IT administrator has pleaded guilty to crippling the computer system of a Japanese pharmaceutical company's US subsidiary several months after his employment there ended.
Jason Cornish, 37, admitted using a public internet connection at a McDonald's restaurant in Smyrna, Georgia, to access the network of the Shionogi subsidiary using an old account, according to federal prosecutors in New Jersey. He then deleted the contents of 15 VMware hosts used to run the equivalent of 88 servers that supported email, employee BlackBerrys, order tracking and other essential services.
“The February 3 attack effectively froze Shionogi's operations for a number of days, leaving company employees unable to ship product, to cut checks, or even to communications via email,” prosecutors wrote in a criminal complaint filed in June. In all, the attack cost the company $800,000.
FBI agents linked the attack to the McDonald's by analyzing the IP addresses used during the attack. They later discovered Cornish had used his credit card at the restaurant a few minutes earlier.
Cornish faces a maximum of 10 years in prison and $250,000 in fines. Sentencing is scheduled for November 10. The rogue joins a growing roster of disgruntled sysadmins charged and convicted of sabotaging their former employers. For a sampling, see related stories below. ®