Ex-PenAir Employee Caught Thanks To VPN Logs

  • Kugler, an Ex-PenAir employee has been caught by FBI agents following her illicit hacking attempts against the airline company.
  • Kugler thought she could get away with it while hiding behind a VPN, something foolishly attempted by many cyber-criminals.
  • Ultimately, the VPN logs themselves led to Kugler being convicted for her crimes. 

Suzette Kugler, an Ex-PenAir employee has recently been busted by FBI agents following her repeated hacking of the airline’s reservation and ticket system. She was ultimately tracked-down thanks to VPN logs which were being kept by the VPN service – which Kugler thought was apparently protecting her. The Department of Justice has stated that Kugler has pleaded guilty and as a part of that agreement, she will have to pay $5,616 as restitution to PenAir.

PenAir VPN logs led to arrest
Image Courtesy of The Hacker News

Now, Kugler had a prosperous 29-year long career at PenAir, and in accordance to her LinkedIn profile, she was the administrator of PenAir’s Sabre database system – which is used for ticketing and reservation purposes by the airline. In her own words, Kugler’s job profile consisted of “oversight, policy, procedure, and development as it relates to software for customer service and flight tracking.”

According to information gathered by Naked Security, as of Feb 2017, the southeast Alaska regional airline – PenAir filled for Chapter 11 bankruptcy. This led to shutting down of all of their operations in Alaska, ultimately leading to Kugler losing her position. However, before retiring, she used her access to PenAir’s system and created a fake new employee account and gave it access to high-level security clearance, and other privileges. And with access to such a high profile account, Kugler started to wreak havoc on PenAir network.

The first complaint was reported back on 5 May 2017 when some incidents of network and computer intrusion were spotted by the airline. In just two months, April and May, Kugler disabled a former colleague’s access permission and then went on to erase station information for eight airports. This lead to trouble and inability to book tickets, or make modifications to any flight that was set in one of those eight airports. The FBI was informed of all these mishaps.

Later on, Kugler went on to wipe out three seat maps from the Sabre system which meant it would be impossible to board or ticket passengers onto those seats. Luckily this incident was discovered three days before the flights were supposed to take off, and the seat maps were restored. Through all these incidents, the airlines made a loss somewhere between the $5000 – $6500 bracket.

Following all such developments, FBI agents executed a search warrant for Kugler on July 27, 2017, and knocked on her doors at Desert Hot Springs, California. There, the agents discovered two laptops with Sabre VPN software installed. Apparently Kugler, much like many more cybercriminals, foolishly thought that VPNs kept no logs and provided the perfect wall to hide behind.



Intel Revises Manufacturing Process Development Roadmap and it Looks Promising

Intel declares ready to leave the ear of massive delays behind and finally get back on track.The American chipmaker promises to release...

Kazakhstan Blocks LinkedIn Over Illegal Casino Advertisements and Fake Accounts

Kazakhstan says LinkedIn violated its online advertisement rules and posted casino ads on the platform.For this reason and also for the existence...

Monero Bug May Have Exposed the Privacy of Transactions for a Small Number of Users

Monero transactions could be de-obfuscated thanks to a nasty bug in the decoy algorithm.The flaw affects transactions made quickly after a user...