Laptop Hack

IT admin deletes company’s databases and is jailed for seven years

Forensic experts correlated Wi-Fi connectivity logs and timestamps with internal CCTV footage to confirm their suspicions
Pro
Image: Getty via Dennis

17 May 2022

A former database administrator in China has been jailed for seven years after deleting data belonging to his employer, the real-estate brokerage giant Lianjia.

Han Bing allegedly performed the act in June 2018, according to Bleeping Computer. Bing used admin privileges and a root account to access the company’s financial system and delete data found on two database servers and two application servers.

The action immediately affected large parts of Lianjia’s operations which left tens of thousands of employees without salaries for an extended period. The company also had to carry out data restoration efforts which cost around $30,000.

 

advertisement



 

Bing was one of five suspects in the data deletion incident, detailed documents released by the court of the People’s Procuratorate of Haidian District. The administrator raised the authorities’ suspicion when he refused to give his laptop password to the company’s investigators.

“Han Bing claimed that his computer had private data and the password could only be provided to public authorities, or would only accept entering it himself and being present during the checks,” reported local news outlet 4hou.

Technicians retrieved access logs from the servers and traced the activity to internal IPs and MAC addresses. The inspectors also retrieved Wi-Fi connectivity logs and timestamps and eventually confirmed their suspicions by correlating them with CCTV footage.

The forensic expert also found that Bing had wiped the databases by using the commands ‘shred’ and ‘rm’. The shred command overwrites the data three times with multiple patterns so they cannot be recovered while rm removes the symbolic links of the files.

Bing had previously informed his employer about security gaps in the company’s financial system and communicated his worries to other administrators through e-mail. Despite this, he was largely ignored and his department’s leaders never approved the security project he had proposed.

Lianjia’s director of ethics testified at the court and said that Bing felt that his organisational proposals weren’t valued and often entered arguments with supervisors.

© Dennis Publishing

Read More:


Comments are closed.

Back to Top ↑