Ex-UBS Sys Admin Found Guilty, Prosecutors To Seek Maximum Sentence - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Business & Finance

Ex-UBS Sys Admin Found Guilty, Prosecutors To Seek Maximum Sentence

Prosecutors will seek an eight-year prison sentence for 63-year-old Roger Duronio, once a systems administrator for UBS PaineWebber, convicted Wednesday of launching an attack that brought down the company network.

The systems administrator found guilty Wednesday of launching an attack on UBS PaineWebber four years ago now faces a maximum of 6-1/2 to eight years in federal prison. And federal prosecutors say they will be asking for the maximum sentence.

After about 20 hours of deliberation, the jury returned a guilty verdict on two out of four charges for Roger Duronio, 63, of Bogota, N.J. Duronio was found guilty of computer sabotage and securities fraud. He was acquitted on two counts of mail fraud. He will be sentenced at a later date.

Karina Byrne, a spokeswoman for UBS, said executives at the company appreciate the hard work the entire prosecution team put into the case and are just happy to get the incident behind them.

"UBS is committed to ensuring the safety and security of our computer system," she read from a prepared statement. "We're grateful for the hard work of the jury."

The six-week trial saw dueling forensics experts from the government and the defense take the stand. The government also put Duronio's former supervisor at UBS on the stand, along with UBS employees who worked on fixing the problem back in March of 2002, his two stock brokers, and the U.S. Secret Service agent who led the investigation. In sharp contrast, the defense only put on two witnesses--the forensics expert and a corporate lawyer from UBS who was questioned about documents the company was not able to supply and what happened to different computers after the attack.

UBS was hit on March 4, 2002, at 9:30 in the morning, just as the stock market opened for the day. Files were deleted from up to 2,000 servers in both the central data center in Weehawken, N.J., and in branch offices around the country. Company representatives never reported the cost of lost business but did say it cost the company more than $3.1 million to get the system back up and running.

Duronio worked at UBS as a systems administrator until he quit a few weeks before the attack. Witnesses testified that he quit because he was angry that he didn't receive as large an annual bonus as he expected. Investigators found copies of the malicious code on two of his home computers and on a printout sitting on his bedroom dresser.

The defense argued that the UBS network was riddled with security holes that would have allowed any number of people to masquerade as Duronio and move around the network unnoticed. They also argued that the evidence available--in the form of backup tapes for the damaged servers--was incomplete, leaving holes in the picture of what happened in the months before the security incident.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
2019 State of DevOps
2019 State of DevOps
DevOps is needed in today's business environment, where improved application security is essential and users demand more applications, services, and features fast. We sought to see where DevOps adoption and deployment stand, this report summarizes our survey findings. Find out what the survey revealed today.
Slideshows
How to Land a Job in Cloud Computing
Cynthia Harvey, Freelance Journalist, InformationWeek,  6/19/2019
Commentary
How to Convince Wary Customers to Share Personal Information
John Edwards, Technology Journalist & Author,  6/17/2019
Commentary
The Art and Science of Robot Wrangling in the AI Era
Guest Commentary, Guest Commentary,  6/11/2019
Register for InformationWeek Newsletters
Video
Current Issue
A New World of IT Management in 2019
This IT Trend Report highlights how several years of developments in technology and business strategies have led to a subsequent wave of changes in the role of an IT organization, how CIOs and other IT leaders approach management, in addition to the jobs of many IT professionals up and down the org chart.
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll