Ex-PenAir Employee Caught Thanks To VPN Logs

• Kugler, an Ex-PenAir employee has been caught by FBI agents following her illicit hacking attempts against the airline company.
• Kugler thought she could get away with it while hiding behind a VPN, something foolishly attempted by many cyber-criminals.
• Ultimately, the VPN logs themselves led to Kugler being convicted for her crimes. 

Suzette Kugler, an Ex-PenAir employee has recently been busted by FBI agents following her repeated hacking of the airline’s reservation and ticket system. She was ultimately tracked-down thanks to VPN logs which were being kept by the VPN service - which Kugler thought was apparently protecting her. The Department of Justice has stated that Kugler has pleaded guilty and as a part of that agreement, she will have to pay $5,616 as restitution to PenAir.

Image Courtesy of The Hacker News

Now, Kugler had a prosperous 29-year long career at PenAir, and in accordance to her LinkedIn profile, she was the administrator of PenAir’s Sabre database system - which is used for ticketing and reservation purposes by the airline. In her own words, Kugler’s job profile consisted of “oversight, policy, procedure, and development as it relates to software for customer service and flight tracking.”

According to information gathered by Naked Security, as of Feb 2017, the southeast Alaska regional airline - PenAir filled for Chapter 11 bankruptcy. This led to shutting down of all of their operations in Alaska, ultimately leading to Kugler losing her position. However, before retiring, she used her access to PenAir’s system and created a fake new employee account and gave it access to high-level security clearance, and other privileges. And with access to such a high profile account, Kugler started to wreak havoc on PenAir network.

The first complaint was reported back on 5 May 2017 when some incidents of network and computer intrusion were spotted by the airline. In just two months, April and May, Kugler disabled a former colleague’s access permission and then went on to erase station information for eight airports. This lead to trouble and inability to book tickets, or make modifications to any flight that was set in one of those eight airports. The FBI was informed of all these mishaps.

Later on, Kugler went on to wipe out three seat maps from the Sabre system which meant it would be impossible to board or ticket passengers onto those seats. Luckily this incident was discovered three days before the flights were supposed to take off, and the seat maps were restored. Through all these incidents, the airlines made a loss somewhere between the $5000 - $6500 bracket.

Following all such developments, FBI agents executed a search warrant for Kugler on July 27, 2017, and knocked on her doors at Desert Hot Springs, California. There, the agents discovered two laptops with Sabre VPN software installed. Apparently Kugler, much like many more cybercriminals, foolishly thought that VPNs kept no logs and provided the perfect wall to hide behind.