Ubiquiti Networks, a technological company that had its headquarters in New York, that produced and marketed equipment related to wireless communications, and that had shares that were traded on the New York Stock Exchange at all periods that were pertinent to the Indictment. NICKOLAS SHARP worked for Ubiquiti Networks from about August 2018 to approximately April 1, 2021. His employment ended on that date. SHARP was a senior developer at the company and had access to the server credentials for Amazon Web Services (“AWS”) and GitHub Inc. (“GitHub”).
In the vicinity of December 2020, SHARP committed many acts of administrative access abuse in order to obtain terabytes of secret material from his workplace. When SHARP accessed Ubiquiti Networks AWS and GitHub infrastructure without authorization, he masked his Internet Protocol (IP) address by using a virtual private network (VPN) service that he had subscribed to from a company known as Surfshark. This service enabled him to conceal his IP address for the majority of the cybersecurity incident that we will refer to hereafter as “the Incident.” During the process of exfiltrating the data from Ubiquiti Networks, SHARP’s home IP address was revealed at one point during a brief interruption in internet service at SHARP’s residence.
In the course of the Incident, SHARP caused damage to Ubiquiti Networks computer systems by modifying log retention rules and other files in an effort to hide the illegal activity he was doing on the network. While working on a team to