O'Reilly logo

Enemy at the Water Cooler by Brian T Contos

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Insider Threat Examples from the Media
A 63-year-old, former system administrator that was employed by UBS
PaineWebber, a financial services firm, allegedly infected the company’s net-
work with malicious code. The malicious code he used is said to have cost
UBS $3 million in recovery expenses and thousands of lost man hours. He
was apparently irate about a poor salary bonus he received. In retaliation,
he wrote a program that would delete files and cause disruptions on the
UBS network. After installing the malicious code, he quit his job.
Following, he bought “puts” against UBS. If the stock price for UBS went
down, because of the malicious code for example, he would profit from that
purchase. His malicious code was executed through a logic bomb which is
a program on a timer set to execute at a predetermined date and time. The
attack impaired trading while impacting over 1,000 servers and 17,000 indi-
vidual work stations.
A Chinese national—a programmer at Ellery Systems, a Boulder,
Colorado software firm working on advanced distributive computing soft-
ware—transferred via the Internet, the firms’ entire proprietary source code
to another Chinese national working in the Denver area.The software was
then transferred to a Chinese company, Beijing Machinery. Subsequently, for-
eign competition directly attributed to loss of the source code drove Ellery
Systems into bankruptcy.
In Detroit a former security guard at General Motors was accused of
taking employee social security numbers and using them to hack into the
company’s employee vehicle database. He was arraigned on eight counts of
obtaining, possessing, or transferring personal identity information, and on
one count of using a computer to commit a crime.
In Pune, India, police unearthed a major siphoning racket that involved
former and present call center employees. One of the employees—who had
worked in the call center for six months before quitting—had the secret PIN
codes and customer e-mail IDs used to transfer money. In league with friends,
the former employee allegedly transferred the equivalent of three hundred
and fifty thousand dollars from four accounts of New York-based customers
into their own accounts opened under fictitious names.They then used the
money to buy cars and electronics.
www.syngress.com
Insider Threats • Chapter 2 57
424_Wtr_Clr_02.qxd 7/26/06 4:14 PM Page 57
Zhangyi Liu, a Chinese computer programmer working as a subcontractor
for Litton/PRC Inc., illegally accessed sensitive Air Force information on
combat readiness. He also copied passwords that allow users to create, change,
or delete any file on the network, and then posted the passwords on the
Internet.
In Charlotte N.C., more than one hundred thousand customers of
Wachovia Corp. and Bank of America Corp. had been notified that their
financial records may have been stolen by bank employees and sold to collec-
tion agencies. In all, nearly seven hundred thousand customers of four banks
may be affected.
A disgruntled employee is suspected of hacking a global networking con-
sultancy’s computer systems and then e-mailing staff confidential information
about forthcoming restructuring plans. New York-based networking consul-
tancy ThruPoint, which partners with Cisco and KPMG spin-off
BearingPoint, confirmed that it is conducting an investigation into the
embarrassing incident.
A Management Information Systems (MIS) professional at a military
facility learns she is going to be let go due to downsizing. She decides to
encrypt large parts of the organization’s database and hold it hostage. She con-
tacts the systems administrator responsible for the database and offers to
decode the data for ten thousand dollars in “severance pay” and a promise of
no prosecution.The organization agrees to her terms before consulting with
proper authorities. Prosecutors reviewing the case determine that the adminis-
trator’s deal precludes them from pursuing charges.
An engineer at an energy processing plant becomes upset with his new
supervisor.The engineer’s wife is terminally ill and the related stress leads to a
series of angry and disruptive episodes at work that result in probation. After
the engineer’s being sent home, the engineering staff discovers that the engi-
neer has made serious modifications to plant controls and safety systems.
When confronted, the engineer decides to withhold the password, threatening
the productivity and safety of the plant.
www.syngress.com
58 Chapter 2 • Insider Threats
424_Wtr_Clr_02.qxd 7/26/06 4:14 PM Page 58

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required