Insider Threat Examples from the Media
A 63-year-old, former system administrator that was employed by UBS
PaineWebber, a financial services firm, allegedly infected the company’s net-
work with malicious code. The malicious code he used is said to have cost
UBS $3 million in recovery expenses and thousands of lost man hours. He
was apparently irate about a poor salary bonus he received. In retaliation,
he wrote a program that would delete files and cause disruptions on the
UBS network. After installing the malicious code, he quit his job.
Following, he bought “puts” against UBS. If the stock price for UBS went
down, because of the malicious code for example, he would profit from that
purchase. His malicious code was executed through a logic bomb which is
a program on a timer set to execute at a predetermined date and time. The
attack impaired trading while impacting over 1,000 servers and 17,000 indi-
vidual work stations.
A Chinese national—a programmer at Ellery Systems, a Boulder,
Colorado software ﬁrm working on advanced distributive computing soft-
ware—transferred via the Internet, the ﬁrms’ entire proprietary source code
to another Chinese national working in the Denver area.The software was
then transferred to a Chinese company, Beijing Machinery. Subsequently, for-
eign competition directly attributed to loss of the source code drove Ellery
Systems into bankruptcy.
In Detroit a former security guard at General Motors was accused of
taking employee social security numbers and using them to hack into the
company’s employee vehicle database. He was arraigned on eight counts of
obtaining, possessing, or transferring personal identity information, and on
one count of using a computer to commit a crime.
In Pune, India, police unearthed a major siphoning racket that involved
former and present call center employees. One of the employees—who had
worked in the call center for six months before quitting—had the secret PIN
codes and customer e-mail IDs used to transfer money. In league with friends,
the former employee allegedly transferred the equivalent of three hundred
and ﬁfty thousand dollars from four accounts of New York-based customers
into their own accounts opened under ﬁctitious names.They then used the
money to buy cars and electronics.
Insider Threats • Chapter 2 57
424_Wtr_Clr_02.qxd 7/26/06 4:14 PM Page 57