Servers at a paper maker Georgia-Pacific were hacked by a former sysadmin that was arrested by feds. The incident caused $1m in damage.
A system administrator, Brian Johnson (44) from Baton Rouge, Louisiana, has been jailed for hacking the control systems of his ex-employer.
Johnson had worked at paper maker Georgia-Pacific for years until the Valentine’s Day 2014 when he left the company and started attacking it. The company produces paper towels and tissues, it has 200 facilities across the US and 35,000 employees.
Johnson maintained active its VPN connection to the systems at Georgia-Pacific even after he left the company and accessed the servers to install its own software and interfere with industrial control systems (ICS) in the plant.
The former sysadmin launched the attack against the company that lasted two weeks and caused roughly $1.1m million dollars in damage.
Experts that investigated the incident focused the analysis on the timing of the attacks, the cyber incursion started after the sysadmin was fired. On February 27, the FBI raided Johnson’s home and found a VPN connection into the company’s servers on his laptop.
A forensic investigation allowed law enforcement to collect evidence of the attack on the company server.
According to the indictment, Johnson pleaded guilty to hacking and willful damage charges.
Last week, the Louisiana district courts estimated the overall damages caused by the man at $1,134,828 of lost, and he ordered the man to repay.
The man has to serve a sentence of 34 months in prison.
“This case is a powerful reminder of the very real threat and danger that businesses and individuals face from cyberattacks and other cyber-related criminal activity,” said United States Attorney Walt Green. “The best defense to these sorts of attacks includes security, training, and continued vigilance at the facility level.”
(Security Affairs – Georgia-Pacific, hacking)
The post Former employee hacked paper maker Georgia-Pacific and caused $1m damage appeared first on Security Affairs.
Source: Security Affairs @ February 18, 2017 at 05:25AM