CIO Home | White Papers | Bloggers | Webcasts | Newsletters | RSS

|

»

Security

Feature

Dealing with Disgruntled IT Workers

Disgruntled IT workers--battered by interminable hours and impossible demands--pose a greater threat to corporate security today than ever before. Here's what you need to do to diffuse their tension.

Leave a comment

By Dan Tynan

CONNECTIONS

Jones Dykstra and Associates

Duperval Consulting

Mon, September 22, 2008 — InfoWorld — It was 9:30 on the morning of March 4, 2002, and something was terribly wrong at the offices of PaineWebber UBS. Computers in branches all over the country began showing disc errors. A logic bomb buried deep within the machines had wiped their hard drives clean, preventing 17,000 brokers from making trades.

"It was six months after 9/11," says Keith Jones, co-principal of Jones Dykstra and Associates, a computer forensics and expert witness firm. "Back then if anyone so much as sneezed, you thought 'terrorism.'"

The IT staff located the backups and restored the first batch of machines. They got wiped again. The logic bomb had propagated to the backups. The brokers gave up on their computers and went to their other backup plan: paper and pencils. UBS tech staff ultimately figured out how to bypass the bomb and restore computer access, but it was weeks before the company was back to normal. More than $3 million in damage had been done.

The culprit: Roger Duronio, a 60-year-old systems administrator. Unhappy about not receiving compensation he'd been promised, Duronio planted the logic bomb on more than 1,000 Unix machines throughout the company. He then shorted the company's stock, hoping to capitalize financially as PaineWebber's share price dropped. Instead he was convicted of computer sabotage and securities fraud. He's now serving an eight-year sentence.

RELATED LINKS

Tech Workers' Smoldering Discontent

Disgruntled IT Staffers May Seek Revenge

How to Talk to Your Boss About Being Overworked

How to Avoid Burnout

All Work and No Play Makes for Bad Employees

Other cases speak less of revenge and more of IT workers simply cracking under stress—such as the saga of Terry Childs, a network administrator for the city of San Francisco who became frustrated by his manager's lack of technical expertise and withheld administrative access to parts of the city's network. That particular incident appears to have been a freak-out rather than a premeditated criminal act. But either way, disgruntled IT workers—battered by interminable hours and impossible demands—pose a greater threat than ever.

For every Duronio or Childs that makes it into the press, there are 98 others you never hear about, says Jones, who was a key government witness in the Duronio case.

"People don't realize just how much access senior IT people have," says his partner Brian Dykstra. "The vast majority of system admins don't abuse their privileges—even if they wanted to, they're too busy. But when someone does go over the edge, they have the ability to do a great deal of damage."

1 | 2 | 3 | 4 | 5 |next page »

Comments

Print

LinkedIn

disgruntled IT workers

More from IT Drilldown « Back to Security

Articles

Gumblar Malware's Home Domain is Active Again

Developer Finds Major Coding Errors in Facebook, MySpace

Boston Celtics Clamp Down on Spam

Postini Technology to Spread Across Google Apps

Federal Data Protection Law Inches Forward

Microsoft Plans Six Patches Next Week, Ties November Record

Six Steps to Pull App Security Back to the Future

Blue Coat Slashes Staff, Buys S7 Services Company

More Articles »

Mobile Security ABCs

Get up to speed on mobile security.

Learn More »

Security Newsletter

Recent Articles

Tech Workers' Smoldering Discontent

Disgruntled Staffers May Seek IT Revenge

Five Great Ways to Drive Your Best Workers Out the Door

Security MarketSpace

8 Tactics to Combat Vulnerabilities

This white paper reviews 8 key elements of vulnerability management and provides advice on combating known vs. unknown vulnerabilities. Learn more »

Email and Web Threats Require a Layered Defense

Learn how web threats are changing and how using a layered defense strategy can give you the security you need. Learn more »

The Case for Data Protection for SMBs

Take Fraudsters Out of the Game

Easily identify account-device relationships and get data for in-depth forensic analysis. Learn more »

Mobile Security Landscape

This paper examines the current mobile security landscape, including myths surrounding the risks and threats, and how organizations can establish a solid mobile security strategy. Learn more »

Reducing Energy Costs in Your Data Center

This white paper examines the most common roadblocks to improving data center efficiency. Learn more »

Security convergence equals network security cost savings

Security convergence equals network security cost savings Learn more »

IBM ISS X-Force Threat and Risk Report

Read this Trend and Risk report from IBM® ISS X-Force® to learn statistical information about all aspects of threats that affect Internet security, including software vulnerabilities and public exploitation, malware, spam, phishing, web-based threats, and general cyber criminal activity. Learn more »

WHITE PAPERS

8 Elements of Vulnerability Management

Secure Email and Web-Based Communication from Evolving Attacks

WagerWorks Takes Fraudsters Out of the Game Using iovation

Mobile Security: The Essential Ingredient for Today's Enterprise

IBM ISS X-Force Threat and Risk Report

A Security Blueprint Delivered From within the Network

Protecting Your Intellectual Property White Paper

Seven Technologies for Advanced Mail Protection

Seven Design Requirements for Web 2.0 Threat Protection

The Total Economic Impact of Network Security Intrusion Prevention

Aberdeen Report: Five-Step Mobility Management Plan for Lowering TCO per Mobile Employee, Reducing Risk and Increasing User Productivity

The CIO's New Guide to Design of Global IT Infrastructure

How Riverbed Helps Organizations Cut Costs

Forrester on WAN Optimization for Mobile Users

Five Steps to Successful IT Consolidation

Beyond PCI Checklists: Securing Cardholder Data with Tripwire's Enhanced File Integrity Monitoring

IDC White Paper: CCM for IT Compliance and Risk Management

FISMA Prescriptive Guide

The Business Case for Server Refresh

Red Hat Open Source Security

More White Papers »

SPONSORED LINKS

Mobile Security: The Essential Ingredient for Today's Enterprise

IDC White Paper: CCM for IT Compliance and Risk Management

Keeping Your Members Safe from Online Scams and Predators

Learn about the growing threat of insider data theft.

Cut Costs & Green Your IT Operations with PC Power Management

White Paper: 4 Customer Service Myths

White Paper: Improve Agility with Operational Responsiveness

White Paper: Legacy Tools: Not Built for the Helpdesk

Taking a Seat at the Executive Table: The Reality of Virtualization

White Paper: Next Generation Remote Infrastructure Management

Seven Design Requirements for Web 2.0 Threat Protection

Generation Remote Infrastructure Management - Changing the Paradigm

Cloud-Based Email Management: Opinion Shifts In Favor

eBook: How Can You Make Your People Productive Anywhere?

Achieving Business Agility with Application Grid

Ready to virtualize tier one applications? Check your virtualization maturity.

Seven Ways ITIL Can Help You in an Economic Downturn

Tips for successful virtualization management.

Unified Communications: Thoughts, Strategies and Predictions. Join the discussion

Read the RSA report: Security for Business Innovation

Webcast: Looking to the Cloud for Email and Collaboration Services

64-page prescriptive guide to security, compliance, and IT operations.

Keep your IT expertise up to date. Join the Intel Premier IT Professionals.

A Clear View Toward Virtualization

Virtualization Technology as a Business Solution

White Paper: Managed Security for a Not-So-Secure World

Secure Email and Web-Based Communication from Evolving Attacks

WagerWorks Takes Fraudsters Out of the Game using iovation

White Paper: A Security Blueprint Delivered From within the Network

See how AT&T can help protect your network.

Webcast: Unleashing the Power of Customer Data

White Paper: 5 Best Practices for Smartphone Support

Global Research: CIOs Weigh In On Virtualization

5 Key Virtualization Management Challenges

The Total Economic Impact of Network Security Intrusion Prevention

Join us at the US-Brazil IT-BPO Summit, on November 10th in New York.

Increase UPS efficiency without sacrificing protection.

Learn how advanced forecasting tools can deliver significant business results for global corporations.

Lower IT Costs with Oracle Database 11g Release 2

White Paper: Visibility and the New Normal of Mobile Work

Taking the Service Desk to the Next Level

Learn about The Information Technology Infrastructure Library.

Top Five CIO Challenges

Streamline IT Costs. Boost Performance with WAN Optimization.

Want to know how you can maximize employee productivity?

Build your 1st app FREE with Force.com

TDWI checklist helps define data readiness for analytics. Download report.

A new fleet of PCs with a total ROI in 10 months. Find your ROI.

eZine: A Roadmap to Reducing IT Complexity

Reduce risk, gain agility. See how Progress can help your business.

RESOURCE CENTER

© 1994 - 2009 CXO Media Inc.