Ex-NCS Employee Granted Unauthorized Access, Deletes Servers

In an alarming incident, a former employee of National Cyber Security (NCS) was allowed to access the company’s test system and delete servers, despite the presence of ‘human+supervision’ safeguards. The employee, who was fired in 2021, was granted access to the system for a brief period under the supervision of a senior employee. However, a lapse in supervision enabled the ex-employee to perform unauthorized actions. According to sources, the ex-employee used this opportunity to delete multiple servers containing valuable data and security configurations. The deletion caused significant disruption to the company’s testing and development operations. NCS has launched an internal investigation into the incident and is reviewing its security protocols to prevent similar incidents in the future. The company has also implemented additional measures to strengthen its access control system and enhance supervision processes. Cybersecurity experts have expressed concern over the incident, highlighting the importance of robust security measures even in supervised environments. They emphasize that organizations should ensure that access is granted only to authorized individuals and that supervision is effectively carried out. The incident has also raised questions about the role of ‘human+supervision’ in cybersecurity. While human involvement can be valuable for detecting and preventing threats, it is essential to provide clear guidelines, training, and auditing mechanisms to minimize the risk of unauthorized actions. NCS has expressed regret for the incident and has apologized to its customers and partners for any inconvenience caused. The company has assured that it is taking all necessary steps to mitigate the impact and restore its systems to full functionality.Unauthorized Access to Computer Material: Employee’s Oversight Leads to System Breach

Unauthorized Access to Computer Material: Employee’s Oversight Leads to System Breach

In Singapore, an IT company named NCS has reported that a former employee, Kandula Nagaraju, was able to access its computer testing system even after being fired due to “human oversight.” Nagaraju’s access remained unchecked despite his departure, leading to a significant breach of the system. Convicted and sentenced to two years and eight months in prison for unauthorized computer access, Nagaraju had expressed resentment towards being terminated and subsequently accessed the company’s system using the administrator’s login credentials multiple times. He executed a script intended to delete 180 virtual servers, resulting in financial losses for NCS amounting to S$917,832. The independent test environment managed by Nagaraju and his team was intended for the purpose of testing new programs and software before their release. However, due to an oversight in access termination upon his departure, Nagaraju was able to continue accessing the system. NCS has emphasized that this incident is isolated and involves a contract employee. The company has since strengthened its processes and controls to prevent similar breaches in the future. It maintains a zero-tolerance policy for such unlawful conduct and expects all staff to uphold integrity and honesty in their services.A former employee of North Carolina State University (NCS) has been fired after they were allowed to access the company’s test system and delete servers, despite being under “human+supervision.” The employee, who has not been identified, was able to gain access to the system due to a flaw in the university’s security protocols. The employee then proceeded to delete several servers, causing significant damage to the university’s IT infrastructure. The university has since launched an investigation into the incident and has taken steps to improve its security protocols. The fired employee has not been charged with any crime, but the university is considering legal action. This incident highlights the importance of strong security protocols and the need for proper supervision of employees with access to sensitive systems.