NRI techie accused of planting a ticking ‘time-bomb’ on company’s servers

Nimesh Patel, a former IT worker at Worcester, Mass.-based Allegro MicroSystems, has been accused of putting a malicious computer programming code in the company network. The Indian American tech specialist, of Shrewsbury, Mass., worked at Allegro from Aug. 26, 2002 through Jan. 8, 2016 in the company’s IT department.

Patel is alleged to have broken the Computer Fraud and Abuse Act, trespassed, and committed conversion – that’s legal jargon for using other people’s property for a crime, reported The Register.

For 14 years, Patel worked at high-performance computing chip biz Allegro MicroSystems as a sysadmin, with particular responsibility for programming the shop’s Oracle financial database system. He resigned on January 8, 2016 but is accused of then trying to sabotage the company.

Over the course of his employment Patel was issued two laptops, which his bosses requested he return. Patel gave back one of the original laptops, and another unissued laptop, after completely wiping the hard drive.

The chip designer alleges the second work laptop was kept so that Patel could still access the company network and because it still contained a file with all the employees’ login data and passwords. Allegro claims the meddling cost it over $100,000, and it is seeking to recover these costs from Patel plus its legal bills and any damages the court levies. The lawsuit was filed in August 2016, but is still rumbling on, according to the Register.

Court documents filed in a Massachusetts district court by Allegro claim that on January 31 that year, Patel trespassed on company property to get within wireless range of the network, and then used the laptop to log into the network using the account of his subordinate staffer. He then uploaded malware into the Oracle financial gear, the report.

The code was designed to activate on the first day of Allegro’s financial year, April 1. The software was designed to delete key financial figures and records from the system. The software worked as designed, and two weeks into April the accounting department noticed something was wrong. Allegro called in investigators, who found the malicious code on April 25, along with evidence that Patel had used the second laptop to access the network after he had left the job.

The biz claims that the only other employee with the skills to write code for the Oracle database had left before Patel’s departure. It also alleges he logged into the network using the subordinate’s ID before he quit the job.