It was 9:30 on the morning of March 4, 2002, and something was terribly wrong at the offices of PaineWebber UBS. Computers in branches all over the country began showing disc errors. A logic bomb buried deep within the machines had wiped their hard drives clean, preventing 17,000 brokers from making trades.
"It was six months after 9/11," says Keith Jones, co-principal of Jones Dykstra and Associates, a computer forensics and expert witness firm. "Back then if anyone so much as sneezed, you thought 'terrorism.'"
The IT staff located the backups and restored the first batch of machines. They got wiped again. The logic bomb had propagated to the backups. The brokers gave up on their computers and went to their other backup plan: paper and pencils. UBS tech staff ultimately figured out how to bypass the bomb and restore computer access, but it was weeks before the company was back to normal. More than $3 million in damage had been done.
The culprit: Roger Duronio, a 60-year-old systems administrator. Unhappy about not receiving compensation he'd been promised, Duronio planted the logic bomb on more than 1,000 Unix machines throughout the company. He then shorted the company's stock, hoping to capitalize financially as PaineWebber's share price dropped. Instead he was convicted of computer sabotage and securities fraud. He's now serving an eight-year sentence.
Other cases speak less of revenge and more of IT workers simply cracking under stress -- such as the saga of Terry Childs, a network administrator for the city of San Francisco who became frustrated by his manager's lack of technical expertise and withheld administrative access to parts of the city's network. That particular incident appears to have been a freak-out rather than a premeditated criminal act. But either way, disgruntled IT workers -- battered by interminable hours and impossible demands -- pose a greater threat than ever.
For every Duronio or Childs that makes it into the press, there are 98 others you never hear about, says Jones, who was a key government witness in the Duronio case.
"People don't realize just how much access senior IT people have," says his partner Brian Dykstra. "The vast majority of system admins don't abuse their privileges -- even if they wanted to, they're too busy. But when someone does go over the edge, they have the ability to do a great deal of damage."
And the consequences can be devastating.
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Data Centre Assessments: The First Step to Optimisation
Multiple suppliers - a common culture
5 steps to getting started with data loss prevention
Master Data Management and Accurate Data Matching
Business Processes and Customers - Difficult Domains to Integrate
Master Data Management as “Plan B”: Why Your Data Warehouse, CRM, ETL and EII Solutions Are Better with MDM
A Platform for Master Data Management to Help You Know and Trust Your Data
How to Pick the Best Master Data Management Solution for Your Organisation
Zones provide focussed content from Computerworld and leading technology partners.
Comments
Post new comment