Developer Sentenced to Four Years for Custom Malware Attack on Former Employer's Network

A software developer, Nikolai Mushegian, has been sentenced to four years in prison for deploying custom malware and a kill switch on his former employer's Windows network. The attack was triggered when his account was deactivated, causing operational disruptions by locking employees out of the system. Mushegian was arrested in July 2022 and pleaded guilty in March 2023 to charges of intentionally damaging a protected computer. This case underscores the significant threat posed by insiders with technical expertise and access to critical systems. The use of custom malware and a kill switch demonstrates the potential for tailored attacks that can evade detection and cause substantial harm. Organizations must prioritize insider threat detection and mitigation strategies, including robust access controls, monitoring of privileged user activities, and comprehensive incident response plans. The legal consequences for Mushegian highlight the seriousness of such offenses and serve as a deterrent to potential insider threats.