Bing Han (Han Bing)

Biography

2022: A sentence of 7 years in prison for removing all financial data from the company's servers

In mid-May 2022, Han Bing, who was a database administrator at the Chinese company Lianjia (specializing in real estate), was sentenced to 7 years in prison for entering corporate systems and deleting commercially important data.

Han Bing committed a crime in June 2018, when Bing used his administrative privileges and root account to access the company's financial system and delete all stored data from two database servers and two servers associated with Lianjia applications.

Bing's actions led to the immediate shutdown of a significant part of Lianjia's operations, leaving tens of thousands of its employees without salaries for a long period and forcing efforts to restore data that cost about $30 thousand for Lianjia.

According to documents published by the Haidian District People's Prosecutor's Court in Beijing, Bing was one of the five main suspects in the data removal incident. However, the indirect damage from the disruption of the company turned out to be much more significant, since Lianjia has thousands of offices, more than 120 thousand brokers work in it, Lianjia owns 51 subsidiaries, and its market value is estimated at $6 billion.

The administrator immediately aroused suspicion when he refused to give the password from his laptop to the company's investigators. According to investigators in court, they knew that such an operation would not leave traces on laptops, so they carried out checks only in order to assess the reaction of five employees who had access to the system. In the end, specialists received access logs from servers and traced the activity to specific internal IP and MAC addresses. Inspectors even received Wi-Fi logs and timestamps and eventually confirmed their suspicions, correlating them with CCTV footage.

The final assessment of the hired IB security forensic expert was that Han Bing used shred and rm commands to erase databases. rm - Removes symbolic references to files, and shred - overwrites data three times using multiple templates, so that information in them becomes unrecoverable.

The judicial expert expressed his bewilderment at the fact that citizen Bing repeatedly informed his employer and the authorities of his department about security gaps, and also notified other administrators in the department by e-mail. However, Bing was mostly ignored, since the company leaders of his department did not approve the security project, which he proposed to launch. This is confirmed by the testimony of the director of ethics at Lianjia, who told the court that Han Bin felt that his organizational proposals were not appreciated, and often entered into disputes with his superiors.^[1]

Notes