For all the money spent on intrusion detection and firewall technologies, arguably the greatest threat to a company’s IT infrastructure remains the disgruntled employee.
In one of the most audacious cases of its kind, a former systems administrator for UBS PaineWebber appeared in court in December charged with sabotaging two-thirds of the bank’s IT systems, in an effort to profit from an induced fall in the company’s share price.
It is alleged that Roger Duronio, 60, bought UBS ‘put’ options in the hope that the company’s share price would fall as a result of damage caused by a ‘logic bomb’, a delayed-action computer virus. On 4 March 2002, the indictment claims, the ‘bomb’ went off and damaged files on almost 1,000 of the company’s computers, causing damage of $3 million.
The attack did not have the desired effect, however: it was not publicised and UBS’s stock was unaffected. Duronio now faces up to 20 years in prison and fines of more than $1 million.
Logic bombs are one of the most popular weapons used by employees against their employers’ IT systems. In one of the most notorious examples, Timothy Allen Lloyd, a former network administrator for Omega Engineering, a measurement and control manufacturer, was jailed for more than three years in 2000. Prosecutors said he left behind logic bombs that deleted important data from company servers and caused more than $10 million in damage after he was fired in 1996.
However, most IT directors and security managers continue to view attacks over the Internet as their greatest threat. For the last five years, respondents to the Computer Security Institute/FBI Computer Crime and Security Survey have cited the web as the most frequent point of attack.