Any protected computer system is only as safe as whoever’s in charge of it, so hopefully that person doesn’t go rogue. Here’s a clear example: The Securities and Exchange Commission has charged an IT admin at Santa Clara-based Palo Alto Networks (PANW) and four others with an insider trading plot that reaped “over $7 million in illegal trading profits” at its apex in 2017, Reuters reported on Tuesday.
The group’s alleged scam ran from 2015 to 2018, according to an SEC announcement, and relied on using IT staffer Janardhan Nellore’s “IT credentials and work contacts to obtain highly confidential information” about PANW. He and friends Sivannarayana Barama, Ganapathi Kunadharaju, Saber Hussain, and Prasad Malempati all face SEC civil charges, according to the Mercury News.
Nellore and Barama are separately staring down criminal securities fraud charges announced by prosecutors with the U.S. Attorney’s Office for the Northern District of California. The duo could land up to 25 years in prison and a fine of $250,000 if convicted, while Nellore could also face a minimum two year stretch in prison and a $25,000 fine if convicted on additional charges of identity theft.
Nellore’s employment was terminated sometime in 2019. The SEC’s complaint alleges that after FBI agents approached Nellore on May 7, 2019, Nellore “secured one-way flight tickets for himself and his family to India.” FBI agents stopped him from boarding an aircraft the next day.
According to the complaint, before he was fired Nellore was “one of only five individuals at PANW with the highest level of access to the [Systems, Applications & Products in Data Processing] database, known as the ‘SAP Admin Group.’” The SEC says that the group used the codeword “baby” to discuss their investments in PANW stock, which were structured around Nellore’s illicit access to sensitive revenue data in SAP directories.
“This issue involved two non-executive level employees and two contractors, who were either terminated or had previously left the company,” a PANW spokeswoman told the Mercury News.
In a press release, the SEC touted the cases as an example of its pattern-analysis systems that spot potentially illegal trades.
“Nellore and his friends exploited Nellore’s access to valuable earnings information and attempted to hide their misconduct using code words and carefully tailored cash withdrawals,” SEC San Francisco Regional Office director Erin E. Schneider wrote. “This case highlights our use of enhanced data analysis tools to spot suspicious trading patterns and identify the traders behind them.”
Counsel for Kunadharaju told Reuters they were cooperating with the SEC and were “optimistic about the outcome of the case,” while a lawyer for Malempati told the news agency that the fact that their client is “not in custody” was evidence he did not know about the insider trading element of the plan. The Mercury News reported that counsel for Nellore and Barama declined to comment, while Hussain’s attorney did not respond to its requests for comment.