Thursday, March 28, 2024

Frustrated IT Admin Gets 7 Years in Prison for Wiping Employer’s Databases

Chinese real estate biz giant Lianjia’s former database administrator, Han Bing (40-year-old), has been sentenced to 7 years in prison for hacking the corporate company’s systems and wiping their data.

Bing allegedly deleted all stored data from two database servers and two application servers using his administrative privileges and a “root” account in June 2018.

As a consequence, Lianjia has been forced to suspend large parts of its operations immediately. With this disruption, the company was unable to pay its employees for longer periods of time.

Not only that even restoring the whole data cost the company around $30,000, and it’s really expensive. It is not the direct damages caused by the interruption of the firm’s business, but rather the indirect damages, which were far more devastating.

Why this damage could have devasting impacts?

Since its market value is estimated to be $6 billion, and as of December 31, 2013, Lianjia owned 51 subsidiaries across 51 countries, operated thousands of offices, and employed over 120,000 brokers.

The incident of data deletion was attributed to the five main suspects, including Han Bing. When the company’s investigators asked the administrator to provide the company investigators with his laptop password, the administrator declined.

An investigator testified in court that they were aware such an operation would leave no trace on the laptop afterward. It is for this reason that only the five employees with access to the system were examined in order to measure their response.

A few days later, from the servers, the technicians retrieved all the access logs and also tracked all the activities back to specific internal IPs and MACs.

Moreover, they managed to retrieve the WiFi logs and timestamps, determining that the WiFi logs corresponded with CCTV footage, which would confirm their suspicions.

The contract forensic expert concluded that Bing had used the shred and rm commands to wipe its databases. This was the final reflection of the forensic expert’s analysis.

Here the shred overwrites data three times with multiple patterns, while rm deletes symbolic links to files.

Bing’s attempts to notify

The security holes in the financial system have repeatedly been reported by Han Bing to his employer and supervisors since he started working there.

Additionally, Han Bing also has sent a number of emails to other administrators in regard to the concerns he has.

The security projects he proposed to run, to ensure the safety of the company, were not approved and were harshly ignored by the department leaders.

Several witnesses at Lianjia, including the director of ethics at LianJia, Zhou Mou have come forward to help confirm this. While he told the court that Han Bing often found himself in arguments with his supervisors as he felt that his proposals were not being valued.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Website

Latest articles

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus Labs, the leading Web3 security infrastructure provider, has unveiled a groundbreaking report highlighting...

Wireshark 4.2.4 Released: What’s New!

Wireshark stands as the undisputed leader, offering unparalleled tools for troubleshooting, analysis, development, and...

Zoom Unveils AI-Powered All-In-One AI Work Workplace

Zoom has taken a monumental leap forward by introducing Zoom Workplace, an all-encompassing AI-powered...

iPhone Users Beware! Darcula Phishing Service Attacking Via iMessage

Phishing allows hackers to exploit human vulnerabilities and trick users into revealing sensitive information...

2 Chrome Zero-Days Exploited at Pwn2Own 2024: Patch Now

Google has announced a crucial update to its Chrome browser, addressing several vulnerabilities, including...

The Moon Malware Hacked 6,000 ASUS Routers in 72hours to Use for Proxy

Black Lotus Labs discovered a multi-year campaign by TheMoon malware targeting vulnerable routers and...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles