Article Image
News Link • Science, Medicine and Technology

IT Administrator’s Hacking Spree Foiled by $5 McDonald’s Purchase

• Kim Zetter via
 An information-technology administrator has pleaded guilty to crippling his former employer’s network after FBI agents traced the attack to the Wi-Fi network at a McDonald’s restaurant in Georgia. The administrator was caught after he used his credit card to make a $5 purchase at the restaurant about five minutes before the hacks occurred.

Jason Cornish, 37, pleaded guilty Tuesday in New Jersey to crippling the network of Shionogi, a subsidiary of a Japanese pharmaceutical company that has offices in New Jersey and Georgia. Cornish apparently hacked the company after a friend of his was fired from the firm.

According to court documents (.pdf), Cornish used legitimate credentials to log into the company’s network Feb. 3 at around 6 a.m., then proceeded to systematically delete the contents of 15 virtual hosts on the network. These included the company’s e-mail and BlackBerry servers, as well as its order-tracking system and financial-management software.

“The Feb. 3 attack effectively froze Shionogi’s operations for a number of days, leaving company employees unable to ship product, to cut checks, or even to communicate via e-mail,” according to the complaint filed against him, which asserted that the hack cost Shionogi about $300,000. That figure rose to $800,000 in later court documents.

Cornish had worked for the company for about a year before resigning in July 2010 over a dispute with a senior manager. After he resigned, his former supervisor and close friend, who is identified in court documents only as B.N., convinced the company to keep Cornish on as a consultant until September 2010, due to his extensive knowledge of the company’s network. It was that knowledge that eventually helped him swiftly locate and erase the servers he targeted in his attack.

Join us on our Social Networks:


Share this page with your friends on your favorite social network: