Skip to content ↓ | Skip to navigation ↓

A system administrator is accused of having caused its former employer $100,000 in damages using malicious code equipped with a “time bomb” feature.

Allegro Microsystems, a LLC company which makes and markets high-performance semiconductors, says Nimesh Patel of Shrewsbury, Massachusetts tampered with its servers back in January 2016. For his alleged crimes, Patel faces one count of violating the U.S. Computer Fraud and Misuse Act, trespassing, and conversion (using another entity’s property for criminal purposes). The dispute is set to go to trial by jury.

Patel began working for Allegro in its IT department on 26 August 2002. An “expert in the Oracle programming code,” he supported the company’s Oracle finance module that it uses to manage many critical aspects of its business. He carried out his work until 8 January 2016, when he resigned from Allegro.

At that time of his resignation, Allegro requested the defendant return two computers that it had assigned to him for business use. Those machines were capable of accessing the company’s systems if the user had an active password. Patel gave up one of those computers, but instead of returning the second unit, he is believed to have returned a third unsupported laptop that Allegro had given him for personal use.

With that second laptop in tow, the Shrewsbury resident allegedly trespassed onto the company’s property on 31 January 2016, accessed the company’s Wi-Fi network, and got to work. Court documents (PDF) reveal what presumably happened next:

“Upon gaining access to the network, Defendant Patel used a system administrator logon and password to upload and insert the malicious Oracle programming code to Allegro’s finance module. Defendant Patel designed the malicious code to copy certain headers or pointers to data into a separate database table and then to purge those headers from the finance module, thereby rendering the data in the module worthless. Defendant Patel also designed a ‘time bomb’ feature so that the malicious code would activate on April 1, 2016.”

Sure enough, on 14 April 2016, Allegro noticed discrepancies in its Oracle environment. It didn’t take long for its staff to discover the malicious code. From an analysis conducted by independent forensic investigators, it appears Patel had accessed the company’s network upon several occasions since his resignation using the second laptop.

Allegro says its former employee caused $100,000 in damages by tampering with its servers. It wants Patel to cover those costs and for the court to impose other penalties.

News of this alleged insider threat story comes less than a year after the world learned of a Citibank IT professional who deliberately wiped routers and shut down 90% of the firm’s networks across America.