A Beijing-based IT administrator from Chinese real-estate firm Lianjia has been sentenced to 7 years in prison for intentionally deleting four of its financial databases.
Han Bing, an IT administrator, allegedly acted in June 2018, using his administrative privileges to access the company’s financial system and delete all the stored data from two database servers and two application servers.
The restoration efforts are estimated to have cost the company $30,000.
Lianjia, previously known as Homelink, is a Chinese real-estate brokerage company with an estimated market value of $6 billion. As a result of the attack, tens of thousands of the company's employees were unable to receive their salaries for an extended period of time while the issue was resolved.
At the time of the incident, only five employees at the company had the necessary clearance to access the data that was deleted. The defendant, however, was the only one who refused to give investigators unfettered access to his laptop.
"Han Bing claimed that his computer had private data and the password could only be provided to public authorities, or would only accept entering it himself and being present during the checks," reported local news outlet 4hou.
Investigators then retrieved access logs from the servers and traced the activity to internal IPs and MAC addresses, as well as gathering Wi-Fi connectivity logs and timestamps. These were then compared to CCTV footage, which showed Bing to have conducted the cyberattack.
It is reported that Bing used his IT privileges and a root account to activate the ‘shred’ and ‘rm’ commands to destroy the data. ‘Shred’ overwrites the data three times with different patterns making it impossible to recover, while ‘rm’ deletes the symbolic links to the files.
In the months leading up to the incident, Bing had repeatedly informed his employer and supervisor about security gaps in the system, only to be rebuffed and ignored. It has been speculated by colleagues that this was the motivation behind the attack.
Bing has been found guilty of damaging computer information and has been sentenced to 7 years in prison.