Nightmare On Wall Street: Prosecution Witness Describes 'Chaos' In UBS PaineWebber Attack
Prosecutors claim the defendant, a former systems administrator for the company, set off a logic bomb designed to crash the network to get revenge for not being paid what he thought he was worth. But the defense argues anyone could have made the "sophomoric" attack.
NEWARK, N.J.--Federal prosecutors opened their case against former UBS PaineWebber systems administrator Roger Duronio on Tuesday by calling to the stand a woman who had to clean up the logic bomb he allegedly set off.
IT manager Elvira Maria Rodriguez told the court she arrived at work at the company's Escalation Center in Weehawkin, N.J., at 8:30 or 9 a.m. on March 4, 2002, expecting nothing out of the ordinary. She logged into the system and phoned into the weekly Monday-morning conference call.
But just as it turned 9:30 and the stock market was opening for the day, Rodriguez, who was in charge of maintaining the stability of the servers in the company's branch offices, heard her computer beep. She turned to look at it and saw the words "cannot find" on her screen. She hit "enter" to see the message again but her screen was frozen.
Then she glanced at her phone and saw that 60 calls had come in all at once.
On any other day, she might have two or three calls on hold at one time.
But this wasn't going to be any other day.
This was the day when 2,000 of the company's servers went down, leaving about 17,000 brokers across the country unable to make trades. Nearly 400 branch offices were affected. Files were deleted. Backups went down within minutes of being run. The system was offline for more than a day, and UBS PaineWebber -- which was renamed UBS Wealth Management USA in 2003 -- spent about $3.1 million in assessing and restoring the network. Executives at the company haven't reported how much was lost in business downtime.
"It was pretty unbelievable," said Rodriguez, who was the first witness for the prosecution. "It was the magnitude of it. How on earth were we going to bring them all back up? How was this going to affect the company? If I had a scale of one to 10, this would be a 10-plus."
The Prosecution's Case
Federal prosecutors charge that Duronio, a former systems administrator at UBS PaineWebber, planted malicious code -- what they're calling a logic bomb -- on the company's network.
Assistant U.S. Attorney V. Grady O'Malley told jurors that Duronio, 63, of Bogota, N.J., sought revenge against his employer by building, planting, and disseminating the logic bomb, which was designed to delete all the files in the host server in the central data center and in every server in every U.S. branch office. But more importantly, according to O'Malley, was the fact that Duronio was looking to make up for some of the cash he felt he'd been denied.
Duronio allegedly wanted to take home $175,000 a year. The government says he had a base salary of $125,000 and stood to get a maximum annual bonus of $50,000. But the bonus came in shy of his expectations -- $18,000 shy.
"If he wasn't going to receive that, he was going to level a catastrophe against UBS that would rock their financial stability -- and that would get him the biggest payday of his life," O'Malley told the jury at U.S. District Court in Newark.
Duronio is facing federal charges, including mail fraud, securities fraud, and computer sabotage. If convicted, he could be sentenced to a maximum 30 years, fines of up to $1 million, and restitution for the money UBS spent on recovery. Opening statements kicked off in his trial Tuesday morning.
Bet The IRA
The government contends Duronio built and planted the malicious code months ahead of time and then bought stock options -- using money that he got cashing out his and his wife's $20,000 IRA -- that would only pay out if the company's stock took a dive within 11 days. By laying out a short expiration date -- 11 days instead of maybe a year or two -- the gain from any payout would be much greater.
O'Malley said Duronio planned on making sure that that's exactly what would happen, by crippling the company's network.
"He knew something everyone else didn't know," O'Malley told the jury. "As he was escorted out the door [on the day he quit], there was working in the UBS system a time bomb. Within an hour or so, he was in a broker's office making bets that UBS would take a dive."
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.