San Jose Man Pleads Guilty To Damaging Cisco’s Network
Unauthorized Access Led to Deletion of 16,000 WebEx Teams Accounts in the Fall of 2018
SAN JOSE – Sudhish Kasaba Ramesh pleaded guilty in federal court in San Jose today to intentionally accessing a protected computer without authorization and recklessly causing damage, announced United States Attorney David L. Anderson and Federal Bureau of Investigation Special Agent in Charge John L. Bennett.
According to the plea agreement, Ramesh admitted to intentionally accessing Cisco Systems’ cloud infrastructure that was hosted by Amazon Web Services without Cisco’s permission on September 24, 2018. Ramesh worked for Cisco and resigned in approximately April 2018. During his unauthorized access, Ramesh admitted that he deployed a code from his Google Cloud Project account that resulted in the deletion of 456 virtual machines for Cisco’s WebEx Teams application, which provided video meetings, video messaging, file sharing, and other collaboration tools. He further admitted that he acted recklessly in deploying the code, and consciously disregarded the substantial risk that his conduct could harm to Cisco. As a result of Ramesh’s conduct, over 16,000 WebEx Teams accounts were shut down for up to two weeks, and caused Cisco to spend approximately $1,400,000 in employee time to restore the damage to the application and refund over $1,000,000 to affected customers. No customer data was compromised as a result of the defendant’s conduct.
Ramesh, 30, of San Jose, California, was charged by Information on July 13, 2020. He was charged with one count of Intentionally Accessing a Protected Computer Without Authorization and Recklessly Causing Damage, in violation of 18 U.S.C. §§ 1030(a)(5)(B) and (c)(4)(A)(i)(I).
Under the plea agreement, Ramesh pled guilty to the sole count of the Information.
Ramesh is currently released on bond. Bail was set at $50,000.
Ramesh’s sentencing hearing is scheduled for December 9, 2020, before The Honorable Lucy H. Koh, U.S. District Court Judge, in San Jose. The maximum statutory penalty for the offense of Intentionally Accessing a Protected Computer Without Authorization and Recklessly Causing Damage, in violation of 18 U.S.C. §§ 1030(a)(5)(B) and (c)(4)(A)(i)(I), is 5 years imprisonment and a fine of $250,000. However, any sentence will be imposed by the court only after consideration of the U.S. Sentencing Guidelines and the federal statute governing the imposition of a sentence, 18 U.S.C. § 3553.
Susan Knight is the Assistant U.S. Attorney who is prosecuting the case with the assistance of Elise Etter. The prosecution is the result of an investigation by the Federal Bureau of Investigation. Cisco Systems, Inc. fully cooperated with the U.S. Attorney’s Office and Federal Bureau of Investigation.