A Hawaiian IT administrator pleaded guilty to sabotaging his former employer's computer network to get a higher salary, abusing the special access privileges he'd been granted.
Casey K. Umetsu Sr., 40, of Honolulu, Hawaii, faces sentencing in January 2023 after his guilty plea before U.S. District Judge Jill A. Otake, according to a U.S. Department of Justice Sept. 28 news release.
"Umetsu criminally abused the special access privileges given to him by his employer to disrupt its network operations for personal gain," U.S. Attorney Clare E. Connors said in the news release. "Those who compromise the security of a computer network – whether government, business or personal – will be investigated and prosecuted, including technology personnel whose access was granted by the victim."
Umetsu faces a maximum sentence of 10 years in federal prison and a fine of up to $250,000, the release reported. There is no parole in the federal system.
Umetsu worked "for a prominent Hawaii-based financial company" between 2017 and 2019, and he was responsible for administering the company's computer network and helping other employees resolve computer and technology problems, the news release said. In his guilty plea, Umetsu admitted, after he left the company, he accessed the website the company used to manage its internet domain and used his credentials to access the company’s configuration settings on that website.
"Umetsu made numerous changes, including purposefully misdirecting web and email traffic to computers unaffiliated with the company; thereby, incapacitating the company’s web presence and email," the news release said. "Umetsu then prolonged the outage for several days by taking a variety of steps to keep the company locked out of the website. Umetsu admitted he caused the damage as part of a scheme to convince the company it should hire him back at a higher salary."
"This is a great example of a company partnering, and working with the FBI, to catch a former employee who sabotaged their network for their own personal gain," FBI Special Agent in Charge Steven Merrill said in the news release. "We encourage companies to include the FBI as part of their cybersecurity incident plan so we can assist when they have a cyber incident."
