Prosecution Witness: UBS PaineWebber Network Still Suffering Four Years After Attack - InformationWeek
11:05 PM

Prosecution Witness: UBS PaineWebber Network Still Suffering Four Years After Attack

The logic bomb had a "catastrophic impact," bringing operations to a standstill and wiping out servers around the country, according to testimony from an IT manager for the company.

Newark, N.J. -- The network at UBS PaineWebber is still suffering damage four years after a logic bomb attack, said an IT manager for the company in testimony Wednesday in a trial against the accused attacker.

While trading resumed in the days following the March 4, 2002, attack, some of the information on the approximately 2,000 Unix-based servers in the home office and 370 branch offices that were hit by the malicious code was never fully restored, according to Elvira Maria Rodriguez, the then-IT manager in charge of maintaining the stability of the company servers.

"I don't believe we were ever back to that point," said Rodriguez, who was the first witness called in the federal criminal trial against Roger Duronio, 63, a former systems administrator at UBS PaineWebber. "We were always having issues with these large-scale servers [after the attack]. We never had the luxury to focus on completely going over all the servers. We just didn't have the time."

She said it would have taken her a year to make all the servers right again, even if that was all she had to do every day. "We just had to learn to live with it," she said.

Rodriguez said the attack had a "catastrophic impact," bringing operations to a standstill and wiping out servers not just in the central data center, but around the country.

Duronio faces four counts, including computer sabotage, securities fraud, and mail fraud, in connection with the incident, which left about 8,000 of the company's brokers without the ability to trade for a day or more, and 9,000 other workers without the ability to access their desktops. It also leveled servers in the company's home office in Weehawken, N.J., and in nearly every branch office around the country.

The trial was in its second day in U.S. District Court on Wednesday.

Chris Adams, Duronio's defense attorney and a partner at Walder, Hayden & Brogan in Roseland, N.J., says his client isn't to blame for what he called the "unsophisticated and sophomoric" code that, he added, was most likely planted as a prank. Adams says the company network was riddled with security holes that allowed people to "walk around in the system undetected and masquerade as someone else."

The Plot

In his opening statement Tuesday, Assistant U.S. Attorney V. Grady O'Malley laid out the government's case against Duronio, whose own lawyer describe him as an experienced computer programmer. O'Malley told jurors Duronio sought revenge against his employer by building and disseminating the logic bomb, which was designed to delete all the files in the host server in the central data center and in every server in every U.S. branch office. Duronio was allegedly also looking to make up for some of the money he felt he'd been denied.

The government contends Duronio wanted to take home $175,000 a year. He had a base salary of $125,000 and stood to get a maximum annual bonus of $50,000. But the bonus came in $18,000 shy of his expectations.

When he didn't receive the full bonus, he went to his supervisor to make his case for more money. When that move was rejected, O'Malley says Duronio quit his job, leaving the malicious code in place to wreak havoc on the preplanned date and time.

But Duronio didn't end his plan there, according to prosecutors. He wanted revenge, but he also wanted to make some money off his endeavor. Duronio left UBS for the last time and went to a broker's office, where he spent the money he got from cashing out his and his wife's $20,000 IRA on several "put" options. This is a type of investment that only pays out if the company's stock drops in value.

Duronio, according to O'Malley, raised the stakes on this bet by putting a short time frame on it--he risked everything on UBS's stock taking a dive within 11 days.

Despite the damage, UBS's stock didn't drop, and Duronio's investments didn't pay off.

Sleepless In Weehawken

In the second day of her testimony, which lasted a total of five hours, Rodriguez told jurors that she spent a full night on a conference call with a slew of the 200 IBM tech workers who were called in to help restore the branch servers.

1 of 2
Comment  | 
Print  | 
More Insights
Threaded  |  Newest First  |  Oldest First
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of the Cloud Report
As the use of public cloud becomes a given, IT leaders must navigate the transition and advocate for management tools or architectures that allow them to realize the benefits they seek. Download this report to explore the issues and how to best leverage the cloud moving forward.
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on for the week of November 6, 2016. We'll be talking with the editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll