The story of the systems administrator found guilty of attacking UBS's network should stand as a warning to every company: Beware the insider you trust to protect your system--he or she could be your worst enemy. The government's forensics investigator says UBS took an important step when it examined the 2002 attack on its system. Here are some tips on creating your own successful postmortem report. The government's forensics investigator spent more than three years pouring over UBS's records and analyzing its network in preparation for the computer sabotage trial. Here are his top-five lists for what the company did right after the attack, and what it could have done better before. Prosecutors will seek an eight-year prison sentence for 63-year-old Roger Duronio, once a systems administrator for UBS PaineWebber, convicted Wednesday of launching an attack that brought down the company network. The jury asked to examine several pieces of evidence, and two jurors were dismissed after the case went to the jury last week. The defense cast doubt on the role that a one-time famous hacker played in the investigation. The defense in a federal computer sabotage case told the jury that the government was working with federal and private investigators to frame his client. The prosecution said the claim was a far-fetched conspiracy theory. The case now is in the hands of a jury. Read on for a snapshot of the key details and arguments in the UBS PaineWebber trial. Defendant Roger Duronio, a former UBS PaineWebber employee charged with planting a logic bomb that crippled his former employer's network, was a dangerous combination of disgruntled employee and a man in financial straits, prosecutors said in closing arguments to the jury. As testimony concluded, the defense continued to try to show that the prosecution used unreliable evidence to charge the 63-year-old IT manager with introducing a logic bomb that brought down his former employer's network. Kevin Faulkner, forensics investigator, says the lack of mirror image data from the attacked UBS server calls into question exactly what was done and by whom. The prosecution's forensics expert and star witness sparred with the defense Wednesday, taking on often heated questions about hackers and the validity of his analysis. A forensics investigator testifying at the computer sabotage trial of a former systems administrator for UBS PaineWebber detailed how each line of code in the trigger helped set off a devastating logic bomb. Planning for success, the perpetrator of the UBS attack installed the trigger mechanism of the logic bomb that brought down the company's network four years ago, twice on every server it targeted. In the ongoing UBS computer sabotage trial, the government's forensics expert testified that he connected defendant Roger Duronio's username and home computer directly to the logic bomb that took down the company network. A U.S. Secret Service agent came under intense cross-examination in a computer sabotage trial Tuesday. Days after testifying that agents found a printout of malicious code in the defendant's bedroom, the defense spent most of the day hammering the lead investigator. As the trial continues for an ex-UBS systems administrator charged with sabotaging the company's networks, the defense attorney called into question the investigator's evidence and means of collecting it, as well as information and people who weren't investigated. The defense in an ongoing computer sabotage trial is suggesting that a hacker used IP spoofing to impersonate his client and plant the malicious code that took down part of the UBS PaineWebber network four years ago. Security pros say that's nearly impossible to do. Part of the malicious code that crippled the network at UBS PaineWebber in 2002 was found on two computers, and printed out on a hard copy found on a bedroom dresser, in the home of a former UBS systems administrator who's accused of the crime. A U.S. Secret Service agent testified that a search of Roger Duronio's home turned up part of a logic bomb on two of his home computers, and in a printout found lying on top of a bedroom dresser. The defense, meanwhile, pounded away at UBS PaineWebber's security lapses. This past week, the government laid out its case for how the defendant allegedly planned to profit from taking down UBS PaineWebber's network. Prosecutors say his "risky" investments would have only paid off if the stock dropped. The defense argues he simply had an aggressive investment strategy. Prosecutors say the accused caused chaos by planting simple code. The defense says dozens of people had the access to cause the problem without being identified. A financial advisor testified that the defendant bet heavily on "put" contracts that would pay off if the company's stock crashed quickly. Soon afterwards, prosecutors say, the defendant's logic bomb took down much of the company network. Defendant Roger Duronio was "visibly upset" and red-faced and delivered an ultimatum: Give him a lucrative contract or he'd walk, said Duronio's ex-boss, testifying against him in a criminal hacking trial. The logic bomb had a "catastrophic impact," bringing operations to a standstill and wiping out servers around the country, according to testimony from an IT manager for the company. Prosecutors claim the defendant, a former systems administrator for the company, set off a logic bomb designed to crash the network to get revenge for not being paid what he thought he was worth. But the defense argues anyone could have made the "sophomoric" attack. The trial is scheduled to start Tuesday for a former employee charged with building and planting malicious code that took down two-thirds of the company's network, hindering investment trading for several weeks and racking up $3 million in recovery costs. But the defendant's lawyer says the cops got the wrong man. Attack highlights difficulties businesses face in securing systems from insiders who turn bad. |