http://www.informationweek.com/news/showArticle.jhtml?articleID=188703100 By Sharon Gaudin InformationWeek Jun 8, 2006 Newark, N.J. -- On the day a system administrator at UBS PaineWebber learned his annual bonus had fallen short by about $15,000, he leveled an ultimatum at his boss: give him a written contract for more money or he was walking out the door, according to testimony Thursday in the federal criminal computer sabotage trial. But prosecutors charge that quitting his job wasn't the only thing on his mind in late February of 2002. They say Roger Duronio, a three-year employee in the financial giant's IT department, had already hatched a plan to plant malicious code on the network that would wipe out critical data across the country and drive down the company's stock price. Once Duronio packed up and was escorted out the building that day, he headed straight to a broker's office to buy stock options that would pay out if UBS suffered a setback. And that, the government contends, put the final stages of Duronio's plot into action. "On the day the actual bonuses were paid out.... Roger came into my office and, in somewhat of an upset tone, said he wanted a written contract for his compensation," Rajeev Khanna, manager for UBS's Unix Systems Group at the time of the attack, told the jury in his second day of testimony in U.S. District Court before Judge Joseph Greenaway. "He said if he did not have a contract by the end of the day, he was going to start packing.... He was visibly upset. It was his tone and there was some redness on his face." Duronio faces four counts, including computer sabotage, securities fraud, and mail fraud, in connection with the incident, which left about 8,000 of the company's brokers without the ability to trade for a day or more, and 9,000 other workers without the ability to access their desktops. It also leveled servers in the company's home office in Weehawkin, N.J., and in nearly every branch office around the country. Duronio reportedly wanted to take home $175,000 a year. At the time he quit his job at UBS, he was making a base salary of $125,000 and had an opportunity for a maximum bonus of $50,000. It was the loss of that $15,000 that pushed Duronio to walk away from his job and try to make bigger money by investing in short-term "put options," which are a type of investment that only pay out if the company's stock price falls. The shorter the term--in this case 11 days--the bigger the payout. The prosecution says Duronio started building components of the malicious code " what they're calling a logic bomb " the previous November. By the time Duronio found out for sure in February that he wasn't getting the bonus he'd been expecting, the logic bomb was already built and loaded onto the main host server in UBS's data center in Weehawkin, N.J., and on about 370 branch servers around the country. When he quit his job that day, the government says, the code was already sitting quietly on the servers just waiting for 9:30 a.m. on March 4 to go off. In earlier testimony at the trial, PaineWebber employees described how the network still hasn't recovered, four years later. But Chris Adams, Duronio's defense attorney and a partner at Walder, Hayden & Brogan in Roseland, N.J., says his client not only didn't commit the crime, he was a valuable employee at UBS PaineWebber, which changed its name to UBS Wealth Management USA in 2003. UBS' network was riddled with security holes that left them wide open to attack, Adams said in his opening statements Tuesday. The network also left Duronio wide open to someone else using his ID and passwords to masquerade as the system administrator and move around undetected in the system. On cross examination Thursday, Adams asked Khanna, who had been Duronio's supervisor, if the defendant had been a good worker and integral to the IT team. Khanna replied that he "would not say" Duronio had been outstanding. But he agreed with Adams that he had marked Duronio as someone who "consistently meets and sometimes exceeds" expectations. Khanna described Duronio as a valuable worker even in his main testimony in front of the prosecutor, Assistant U.S. Attorney Mauro Wolfe. "Overall, I gave him a satisfactory rating," he testified. "He did what he was asked to do and he did it well." Khanna said that's why he went to bat for Duronio and sought a raise for him in 2000, not long after the defendant started work at UBS. Duronio's pay went up $10,000 that year. "He expressed some concerns about cash flow and not having enough money coming in on a monthly basis," said Khanna. But by the fall of 2001, it became clear that the drooping economy and the troubled market were taking a toll on UBS. Khanna said he simply had a much smaller pool of bonus money to work with that year. As the manager of a few people himself, Duronio was even in on some of the conversations about having to lessen workers' bonuses that year, Khanna added. And even when Duronio threatened to quit on the spot if he wasn't given a contract that day, Khanna says he went to his supervisor and to Human Resources to see if anything could be done. Later, when Khanna escorted Duronio back to his desk to collect his things, he said he had already packed them up into a box. The defense will continue its cross-examination of Khanna on Friday morning. Copyright © 2006 CMP Media LLC, All rights reserved. _________________________________ Attend the Black Hat Briefings and Training, Las Vegas July 29 - August 3 2,500+ international security experts from 40 nations, 10 tracks, no vendor pitches. www.blackhat.com
This archive was generated by hypermail 2.1.3 : Mon Jun 12 2006 - 02:00:19 PDT