Source: Bleeping Computer
A former database administrator for Chinese real estate brokerage giant Lianjia reportedly wiped the company’s data. Turns out, Han Bing logged into corporate systems, deleting the data, leading to getting a sentence of 7 years in prison. Allegedly, the former administrator carried out the act in the month of June in 2018.
This was when he utilised his administrative benefits and ‘root account’ to gain access to the firm’s financial system. Doing so, he wiped all of the stored data from two database servers, along with two application servers. Resultantly, this lead to the instant crippling of a wide portion of the operations at Lianjia.
Consequently, the crippling resulted in leaving a large number of workers without salaries for a long time. Moreover, it forced an effort on data restoration that cost about $30,000. In fact, indirect damages from this disturbance were clearly more significant. This was owing to the company’s 120,000 brokers, operations at several offices, ownership of 51 subsidiaries, along with its market value being about $6 billion.
Employees investigated:
Documents released by the court of the People’s Procuratorate of Haidian District, Beijing revealed details. It stated how H. Bing was 1 of the 5 central suspects in the investigation. Bing became the main suspect when he refused to give his laptop password to the investigators.
“Han Bing claimed that his computer had private data and the password could only be provided to public authorities, or would only accept entering it himself and being present during the checks,” detail Chinese outlets that reproduced portions of the published documents.
Revelations from the investigators indicated how they knew such an incident would not leave any remnants on the devices. Hence, they only carried out the check in order to see suspects’ reactions.
Subsequently, the technicians went on to retrieve access to logs from those servers, tracing the activity to particular internal IP and MAC address. They even gained logs on WiFi connections, along with timestamps, confirming their suspicions with footage from CCTVs. Bing’s use of ‘shred’ and ‘rm’ commands to carry out the deletion revealed further details. The ‘rm’ command remove symbolic links of files, and ‘shred’ overwrites the data thrice in various patterns, making it irrecoverable.
Why did Bing take such steps?
Reportedly, Bing had informed his employer and supervisors repeatedly regarding security gaps in its financial systems. Unfortunately, he was widely ignored for the department leaders never approved of the his proposed security project.
The director of ethic at Lianjia confirmed this in a testimony. He informed that Bing felt that his organisational proposals were not exactly valued. Moreover, he even frequently entered into arguments with his supervisors.
