In a concerning case of cybercrime, a man from Honolulu pleaded guilty to sabotaging his former employer’s computer network. Casey K. Umetsu, Sr., an information technology professional, admitted to accessing a website used by the company and intentionally making changes that misdirected web and email traffic, effectively incapacitating the company’s online presence. Umetsu’s motive was revealed as an attempt to convince the company to hire him back at a higher salary. This case highlights the potential dangers of insider threats and serves as a reminder of the importance of robust cybersecurity measures. Sentencing is scheduled for January 19, 2023, and Umetsu could face a maximum sentence of 10 years in prison.
Background
The case involves Casey K. Umetsu, a 40-year-old resident of Honolulu, Hawaii, who has pleaded guilty to sabotaging his former employer’s computer network. Umetsu worked as an information technology professional for a prominent Hawaii-based financial company from 2017 to 2019. In his role, he was responsible for administering the company’s computer network and assisting other employees with computer and technology problems.
Umetsu’s actions came to light when he accessed a website used by the company to manage its internet domain shortly after leaving the company. Using his former employer’s credentials, Umetsu made changes to the company’s configuration settings on that website. These changes included misdirecting web and email traffic to computers unaffiliated with the company, effectively incapacitating the company’s web presence and email. Umetsu furthermore took steps to prolong the outage and keep the company locked out of the website.
Umetsu’s Employment and Responsibilities
As an IT professional, Umetsu played a crucial role in the company’s operations. He was responsible for administering the company’s computer network, ensuring its smooth functioning, and addressing any technological issues that arose within the organization. Umetsu also had the responsibility of assisting other employees with their technology problems, ensuring that they could work efficiently and effectively.
Umetsu’s Actions After Severing Ties
After severing ties with his former employer, Umetsu’s actions took a malicious turn. He accessed the company’s website using his former employer’s credentials. Once he gained access, Umetsu made multiple changes to the configuration settings. These changes were deliberately made to misdirect web and email traffic to unrelated computers, effectively disrupting the company’s web presence and email capabilities. Umetsu continued to prolong the outage by implementing various measures to keep the company locked out of the website.
Motive Behind Sabotage
Umetsu’s motive for sabotaging his former employer’s computer network was driven by his desire to be rehired by the company at a higher salary. He believed that by causing disruptions to the company’s operations, he would be able to convince them of his indispensability and negotiate a better compensation package.
Legal Consequences
Umetsu’s actions have serious legal implications. If convicted, he faces a maximum sentence of 10 years in prison and a fine of up to $250,000. Additionally, he may be subject to a term of supervised release for up to 3 years. The exact sentence and fines imposed will be determined by a federal district court judge based on the U.S. Sentencing Guidelines and other statutory factors.
Investigation and Prosecution
The investigation into Umetsu’s actions was conducted by the Federal Bureau of Investigation (FBI). The FBI, in collaboration with the company affected by Umetsu’s sabotage, gathered evidence and built a case against him. Assistant U.S. Attorneys Rebecca A. Perlmutter and Wayne A. Myers are handling the prosecution, presenting the evidence and arguments in court.
Statement from U.S. Attorney Clare E. Connors
U.S. Attorney Clare E. Connors condemns Umetsu’s actions and emphasizes the importance of holding individuals accountable for compromising network security. She highlights the fact that individuals, regardless of their position within an organization, will be investigated and prosecuted for their actions if they compromise the security of a computer network.
Statement from FBI Special Agent in Charge Steven Merrill
FBI Special Agent in Charge Steven Merrill commends the company affected by Umetsu’s sabotage for partnering with the FBI during the investigation. He encourages other companies to include the FBI as part of their cybersecurity incident plans, emphasizing the importance of collaboration between law enforcement and organizations to address and mitigate cyber incidents.
Potential Consequences for Umetsu
If Umetsu is convicted, he could face severe consequences. These include a potential prison sentence of up to 10 years and a fine of up to $250,000. Additionally, he may be subject to a term of supervised release for up to 3 years. The court will consider various factors, including the nature and extent of Umetsu’s actions, when determining the appropriate sentence.
Conclusion
Umetsu’s actions of sabotaging his former employer’s computer network have grave consequences. They not only caused significant disruption to the company’s operations but also compromised its web presence and email capabilities. This case underscores the importance of cybersecurity and the need to prosecute individuals who engage in cybercrimes. It serves as a reminder that compromising network security is a serious offense that will not go unpunished.