It was 9:30 on the morning of March 4, 2002, and something was terribly wrong at the offices of PaineWebber UBS. Computers in branches all over the country began showing disc errors. A logic bomb buried deep within the machines had wiped their hard drives clean, preventing 17,000 brokers from making trades.
"It was six months after 9/11," says Keith Jones, co-principal of Jones Dykstra and Associates, a computer forensics and expert witness firm. "Back then if anyone so much as sneezed, you thought 'terrorism.'"
[ Read InfoWorld's story about IT workers being pushed to their limits. ]
The IT staff located the backups and restored the first batch of machines. They got wiped again. The logic bomb had propagated to the backups. The brokers gave up on their computers and went to their other backup plan: paper and pencils. UBS tech staff ultimately figured out how to bypass the bomb and restore computer access, but it was weeks before the company was back to normal. More than $3 million in damage had been done.
The culprit: Roger Duronio, a 60-year-old systems administrator. Unhappy about not receiving compensation he'd been promised, Duronio planted the logic bomb on more than 1,000 Unix machines throughout the company. He then shorted the company's stock, hoping to capitalize financially as PaineWebber's share price dropped. Instead he was convicted of computer sabotage and securities fraud. He's now serving an eight-year sentence.
Other cases speak less of revenge and more of IT workers simply cracking under stress -- such as the saga of Terry Childs, a network administrator for the city of San Francisco who became frustrated by his manager's lack of technical expertise and withheld administrative access to parts of the city's network. That particular incident appears to have been a freak-out rather than a premeditated criminal act. But either way, disgruntled IT workers -- battered by interminable hours and impossible demands -- pose a greater threat than ever.
[ Follow the Terry Childs saga blow by blow in InfoWorld's special report. | Read the actual court documents. ]
For every Duronio or Childs that makes it into the press, there are 98 others you never hear about, says Jones, who was a key government witness in the Duronio case.
"People don't realize just how much access senior IT people have," says his partner Brian Dykstra. "The vast majority of system admins don't abuse their privileges -- even if they wanted to, they're too busy. But when someone does go over the edge, they have the ability to do a great deal of damage."
And the consequences can be devastating.
This whitepaper explains the terminology and concepts behind Data Replication technologies and establishes some sizing rules through worked examples. Learn the new paradigm in disaster tolerance—protect data anywhere.
Download now »
Server virtualization is a popular option for dealing with mounting datacenter costs. Another equally promising approach is the use of an Application Delivery Controller. Citrix NetScaler provides a low-cost way for organizations to reduce their server count and accrue cost savings from a reduction in space, cooling, power and personnel.
Download now »
The emergence of WLANs has created a new breed of security threats to enterprise networks.
Included in HP ProCurve WLAN solutions is security technology that alleviates threats from WLANs through:
* Monitoring wireless activity inside and out of the enterprise
* Classifying WLAN transmissions into harmful and harmless
* Preventing transmissions that pose a security threat to the enterprise network
* Locating participating devices for physical remediation
Effectively address data protection challenges, implementing solutions that help store and protect business–critical data while cutting costs and improving efficiency and reliability.
Download now »
Sign up to receive InfoWorld Resource Alerts
4 Recommendations
