UBS Trial: Defense Attacks 'Sloppy' Investigation - InformationWeek
IoT
IoT
Business & Finance
News
6/21/2006
09:40 AM
50%
50%

UBS Trial: Defense Attacks 'Sloppy' Investigation

A U.S. Secret Service agent came under intense cross-examination in a computer sabotage trial Tuesday. Days after testifying that agents found a printout of malicious code in the defendant's bedroom, the defense spent most of the day hammering the lead investigator.

Newark, N.J. -- After taking it on the chin last Friday, the defense in a computer sabotage trial here pounded away at the Secret Service agent on the stand, riding him on missteps in the investigation, and once again attacking the fact that hackers worked at one of the computer forensics companies involved in the case.

Special Agent Gregory O'Neil of the U.S. Secret Service was repeated questioned by defense attorney Chris Adams about an initial forensic report with a missing page, an unidentified latent fingerprint on a key piece of evidence, and some incorrect dates on a Secret Service report.

O'Neil, who was a lead investigator in the matter, took the stand as a witness for the prosecution in the federal computer sabotage case.

Adams, a partner at Walder Hayden & Brogan in Roseland, N.J., is the lead defense lawyer for Roger Duronio, the 63-year-old former systems administrator accused of planting a logic bomb that crippled the network at UBS PaineWebber four years ago.

Duronio is facing four charges in connection with allegedly writing and planting malicious code on the Unix-based network at UBS PaineWebber, where he had been working for three years. The attack effectively took down about 2,000 of the company's servers, some of which were brought back up in a day, but others remained down for two to three weeks.

In his cross examination of O'Neil, Adams also focused his sights on one specific forensic investigator who had been a hacker before working at @Stake, Inc., the security company that UBS first called in to check out the March 4, 2002 incident.

Karl Kasper, known in the industry as John Tan, identified himself to the federal agent as John Tan, and signed documents with that name. The defense asked O'Neal why he would trust the word, or the work, of someone who gave a false name to the Secret Service. O'Neal replied that he didn't regard it as a false name, simply a name Kasper uses in the trade.

And last Friday, O'Neil said that all roads in the investigation led back to Duronio. First off, he had pointed out that a digital trail led from Duronio's home IP address through the corporate VPN and into the company's servers, on exactly the same dates and times that the malicious code was planted or modified.

O'Neil also told the jury that during the execution of a search warrant on the Duronio home, Secret Service agents found parts of the malicious code on two of his home computers, as well as printed out in a hardcopy that was found on his bedroom dresser.

Previous
1 of 3
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
Digital Transformation Myths & Truths
Transformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.
Video
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll