An engineer who worked for billionaire Robert Pera’s Ubiquiti Inc. got six years in prison after a judge rejected his claim that his plan to steal data from the company and demand $1.9 million for its return began as an “unsanctioned security drill” that made the computer network safer.
(Bloomberg) — An engineer who worked for billionaire Robert Pera’s Ubiquiti Inc.
got six years in prison after a judge rejected his claim that his plan to steal data from the company and demand $1.9 million for its return began as an “unsanctioned security drill” that made the computer network safer.
Nickolas Sharp, 37, was sentenced Wednesday after pleading guilty to charges of intentionally damaging a protected computer, wire fraud and making false statements to law enforcement.
According to prosecutors, he extorted the money from the company at a time when he was purportedly working to fix the security breach he’d created.
“It was not an act of malice, nor an act of greed,” Sharp said in a letter to the judge.
Prosecutors said Sharp lied to the company and to the FBI to throw suspicion onto others, planted phony stories about Ubiquiti with the press and caused the company to lose as much as $4 billion in market capitalization.
Sharp told US District Judge Katherine Polk Failla that he was working 16- and 18-hour days, trying to maintain Ubiquiti’s computer systems, but couldn’t get Pera to authorize necessary security improvements.
The actions taken by him and others at Ubiquiti, in response to his own data theft, allowed them to “leave Ubiquiti a safer place for itself and for its clients,” Sharp told the judge.
Failla rejected the claim, along with Sharp’s plea, through his lawyer Matthew Myers, that he be given no prison time.
“It was not up to Mr.
Sharp to play God in this circumstance,” she said, noting that he’d had many opportunities to “pull back from the precipice” and abandon his scheme.
“This is a most unusual case,” the judge said.
Myers cited supportive letters from family members, former coworkers and friends, characterizing his client as a brilliant, moral man who can be self-righteous and unbending with people, “honest to a fault.”
Sharp told the judge he was frustrated with hearing his actions explained by others.
“This whole process has been surreal,” he said, “listening to non-technical people trying to explain highly technical things.”
He blamed his actions on an “idiotic hyperfixation” on fixing the security flaws that were “out of control” and “not rational,” apologizing for the crime.
New York-based Ubiquiti provides wireless networking products and solutions.
Sharp worked for the company from August 2018 until April 2021, and misused his administrative access to Ubiquiti’s computer systems to take gigabytes of secret information. Prosecutors said he was discovered downloading data when a temporary internet outage resulted in his home IP address being unmasked.
Sharp admitted lying to FBI agents during a search of his home in March 2021.
“Nickolas Sharp was paid close to a quarter million dollars a year to help keep his employer safe,” Manhattan US Attorney Damian Williams said in a statement.
“He abused that trust.”
The case is US v. Sharp, 21-cr-00714, US District Court, Southern District of New York (Manhattan).
More stories like this are available on bloomberg.com
©2023 Bloomberg L.P.
