Fired techie created virtual chaos at pharma company

A former IT staffer has pleaded guilty to using a secret vSphere console to wipe company servers

By Robert McMillan, IDG News Service |  Virtualization, vSphere Add a new comment

August 16, 2011, 7:14 PM

McDonald's

flickr/dave_mcmt

Logging in from a Smyrna, Georgia, McDonald's restaurant, a former employee of a U.S. pharmaceutical company was able to wipe out most of the company's computer infrastructure earlier this year.

The obvious question
And the state of these VMs was not backed up?

ITworld user markhahn | What's your take?

Jason Cornish, 37, formerly an IT staffer at the U.S. subsidiary of Japanese drug-maker Shionogi, pleaded guilty Tuesday to computer intrusion charges in connection with the attack on Feb. 3, 2011. He wiped out 15 VMware host systems that were running e-mail, order tracking, financial and other services for the Florham Park, New Jersey, company.

[IT admins gone wild: 5 rogues to watch out for and The dumbest thing VMware has done recently could help customers move to cloud]

"The Feb. 3 attack effectively froze Shionogi's operations for a number of days, leaving company employees unable to ship product, to cut checks, or even to communicate via e-mail," the U.S. Department of Justice said in court filings. Total cost to Shionogi: $800,000.

Cornish had resigned from the company in July 2010 after getting into a dispute with management, but he had been kept on as a consultant for two more months.

Then, in September 2010, the drug-maker laid off Cornish and other employees, but it did a bad job of revoking passwords to the network. One employee, who was Cornish's friend and former boss, allegedly refused to hand over network passwords to company officials and eventually was fired because of this.

Using a Shionogi account, Cornish was able to log into the company's network from a public McDonald's Internet connection in February and fire up a vSphere VMware management console that he'd secretly installed on the company's network a few weeks earlier.

Using vSphere, he deleted 88 company servers from the VMware host systems, one by one.

Cornish was charged in July. He faces a maximum of 10 years in prison when he's sentenced on Nov. 10. He could not be reached for comment Tuesday. Shionogi did not return messages seeking comment.

Robert McMillan covers computer security and general technology breaking news for The IDG News Service. Follow Robert on Twitter at @bobmcmillan. Robert's e-mail address is robert_mcmillan@idg.com

ITworld LIVE

VirtualizationWhite Papers & Webcasts

White Paper

Converged Storage: Utility Storage - The Ideal Platform for Virtual and Cloud Computing

Server virtualization has transformed corporate IT -- companies have enjoyed major cost savings and have gained flexibility and efficiency. But this has also led to a proliferation of virtual machines and servers that threaten to overwhelm data movement and storage technologies. In this IDG Tech Dossier, learn how utility storage makes for massive consolidation, flexibility and scalability, so IT departments can reduce storage infrastructure and lower costs while improving their ability to respond to fast-changing needs of business units.Intel and the Intel logo are trademarks of Intel Corporation in the U.S. and/or other countries.

White Paper

Virtualizing the Client - The HP Way

HP VirtualSystem delivers best-in-class virtualization, with integrated software, services, infrastructure, and management - all delivered as one proven solution.Intel and the Intel logo are trademarks of Intel Corporation in the U.S. and/or other countries.

Webcast On Demand

Making Information Matter

Join us in the upcoming Hitachi virtual Forum on Wednesday, June 6th, at 8:30am PT / 11:30am ET and gain meaningful insights on how to maximize efficiency and reduce expenses. At the virtual forum you will learn about key solution strategies in our featured live video sessions from top leaders at Hitachi, like Miki Sandorfi, Chief Strategy Officer and industry experts, such as Ben Woo, VP WW Storage Systems at IDC.

Sponsor: Hitachi

White Paper

Top 5 Requirements for Backup of Servers

The majority of today's business computing environments already have both virtual and physical servers at the same time. This hybrid reality drives the need for protecting both virtual and physical environment needs. The following list of "Must-Have" requirements should serve as a basic roadmap for IT managers as virtualization use continues to outpace physical server utilization.

White Paper

Top 10 Best Practices of Backup, Replication & Recovery for VMware & Hyper-V

Whether you are new to virtualization or if you have been administering a virtual infrastructure for a while, it's now time to review your virtual infrastructure backup design and backup product features. Determine if you are both optimally protecting your virtual infrastructure as well as taking advantage of the latest virtualization backup features. Read this white paper to learn the 10 best practices for virtual infrastructure backup.

See more White Papers | Webcasts

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Join Now

New questions

Which is the best VPS hosting company In India?
2 answers
How good is the new Axis browser from Yahoo?
3 answers
What could Apple's new "most important" project be?
1 answer
What will be the impact of Google's acquisition of Motorola Mobility?
4 answers
How much longer will last years flooding in Asia impact hard drive supplies?
2 answers
View more questions

Ask a question

Join Now or Sign In to ask a question.
Ask a Question