A former IT worker pleaded guilty in federal court Tuesday to launching an attack that crippled his ex-employer's computer network and caused the company hundreds of thousands of dollars in damages.
Jason Cornish, 37, of Smyrna, Ga., faces up to 10 years in prison and a $250,000 fine for breaking into the network of Shionogi, the U.S.-based subsidiary of a Japanese pharmaceutical company, and deleting the contents of 15 virtual hosts that housed the equivalent of 88 servers, U.S. prosecutors said in a news release Tuesday.
Cornish, who began working for Shionogi in 2009, but quit the following year after a dispute with a senior manager, carried out the cyber assault after a close friend was fired from the company, prosecutors said.
According to court documents, Cornish launched the attack in the early morning hours of Feb. 3 over the Wi-Fi network of a McDonald's in Smyrna. He used legitimate user credentials to gain access to a company server, and then, one by one, deleted the contents of each virtual host on Shionogi's networks. To delete the hosts, he used a program, vSphere, that he planted on the server several weeks earlier.
The deleted servers housed most of Shionogi's computer infrastructure, including its email and BlackBerry servers, order tracking system and financial management software, according to the U.S. Justice Department.
“The attack effectively froze Shionogi's operations for a number of days, leaving company employees unable to ship product, cut checks or communicate by email,” the release said.
In its investigation, FBI agents examined firewall logs that were not affected by attack and traced the activity back to a computer connected to the free network at the McDonald's. Agents discovered that Cornish had used his credit card at the restaurant to make a purchase just minutes before the attack.
In total, Shionogi incurred $300,000 in damages responding to the attack, conducting damage assessments and restoring its network, prosecutors said. Cornish is scheduled to be sentenced on Nov. 10.