In a case of grand-scale cyber sabotage, federal agents arrested a man who they said retaliated against a New Jersey pharmaceutical company he once worked for by wiping out chunks of digital files, causing $300,000 in losses, some of it from a laptop connected to a McDonalds wi-fi network. The key piece of evidence: a big breakfast.
McDonalds in Smyrna, Ga.
Jason Cornish, 37, effectively froze Shionogi Inc.’s operations for several days while employees there – unable to ship product, cut checks, or communicate by email – tried to repair the damage, the government says.
Cornish “was able to inflict great damage … with the stroke of a few computer keys,” said Newark FBI Special Agent in Charge Michael B. Ward. “Unfortunately, given his choice to misuse his considerable cyber skills, his actions now have him facing a potential decade-long prison sentence and untold financial repercussions.”
“The computers on which companies do business are the engines of the 21st century economy,” U.S. Attorney Paul J. Fishman said shortly after agents seized Cornish near his Georgia home and charged him with the equivalent of computer sabotage. “Malicious intrusions are against the law, regardless of motive.”
Cornish worked in IT at Shionogi, Inc., a stateside subsidiary of a Japanese pharmaceutical company with operations in New Jersey and Georgia, federal authorities said.
After resigning a year ago after an argument with a senior manager, Cornish stayed on as a paid consultant. But that ended last September, after he refused to return network passwords and was dropped.
Around the same time, the company announced layoffs that would affect his former supervisor, a close friend of nearly 15 years, a complaint filed in U.S. District Court in Newark says.
Around dawn Feb. 3, an FBI complaint says, Cornish used someone else’s account to hack his way into Shionogi’s computer network, thanks to a network at a McDonalds in Georgia where he used his credit card to buy a meal.
Using software that he’d planted exactly three weeks earlier — known as “vSpher” — Cornish began deleting the contents of 15 virtual hosts, one by one, federal agents said.
Combined, the targeted hosts housed 88 servers – basically, the majority of Shionogi’s American computer infrastructure. That included the company’s e-mail and Blackberry servers, its order tracking system, and its financial management software.
Cornish “also gained unauthorized access to Shionogi’s network from his home Internet connection using administrative passwords to which he had access as an employee,” the federal complaint says.
As it turns out, it wasn’t a difficult case to crack: FBI agents examined Sinogi’s remote access firewall logs, which survived the attack. They mapped out a path that led to one of six McDonalds in Smyrna, Ga.
The agents then checked the fast-food restaurant’s receipts and found a $4.96 purchase made with Cornish’s credit card at 6 a.m. that day, about 5 minutes before the attack, the complaint says.
They also determined that he’d hacked into the same system at least 20 times before – unsuccessfully cracking the targeted codes several times before that February morning at Mickey D’s, it adds.
Fishman credited special agents of the FBI’s Cyber Crimes Task Forces in both Newark and Atlanta with making the case, which is being handled by Assistant U.S. Attorney Seth B. Kosto out of Newark.
Click here to sign up for Daily Voice's free daily emails and news alerts.