Description

In this activity, you are going to analyze a real-life Insider Threat action where files were deleted to intentionally drop a stock trading server, resulting in millions of damages to UBS-PaineWebber (UBS-PW) while generating stock trade benefits to the perpetrator. This assignment explores and applies key concepts presented in all course modules to date.

For this assignment, read the following, analyze the case study, and conduct research to answer the specified questions in a 4-5 page paper using current APA format:

  • 7.4 Case Study 3: The Weakest Link (Links to an external site.) (in Chapter 7: Theory into Practice, pages 135-140)
    • DeFranco, J. (2014). What every engineer should know about cybersecurity and digital forensics. Boca Raton, FL: CRC Press.
    • Summary: The Case Study provides a well-structured narrative of circumstances surrounding the criminal case (outlined in greater technical detail below).

(This case study is readily available via the Hunt Library as a ProQuest “ebrary” book: Make sure you are logged into ERNIE when accessing the link)


This is an Insider Threat Case Study. UBS-PaineWebber (UBS-PW) employee Roger Duronio became disenchanted because he was dissatisfied with his pay bonus, and his pay in general. Before leaving the company in anger, he planted a logic bomb that deleted numerous files and caused UBS-PW stock trading servers to become inoperable. This, in turn, caused a multi-million dollar stock price drop that Duronio profited from by placing put options on the stock before it crashed due to his actions.

This is a research assignment. Be sure to use and cite any of the reading or viewing resources presented in this course to date, plus at least 5 additional outside resources you find on your own, to help formulate your essay answers to the questions below. In total, you need to reference a minimum of at least 8 resources (using current APA format) in your essay. Again, material from assigned Readings, Supplemental Readings, videos, and presentations should be used to support your completion of this assignment.

Format:

Create a 4 page essay (Main Body section), using current APA format (Links to an external site.) (i.e., 12 pt. Times New Roman font, double-spacing, and one-inch margins, etc.) making sure to answer each research question.

Your paper should include sections for a Title Page, Introduction, Main Body, Conclusion, and References.


Answer the following questions in essay format:

  1. Duronio faced charges of computer sabotage, securities fraud, and mail fraud. Identify one or more specific laws applicable to each charge that he was prosecuted under, and why they applied in this case.
  2. Why did Duronio’s defense attorney, Chris Adams, target CISCO and @Stake Inc. in defense of Duronio, and what was he trying to accomplish?
  3. What forensic planning/analysis failure opened the door for this argument?
  4. UBS’s security configuration allowed more than one person to log onto the system at the exact same time using the same USERID and password. Why did this work in the defense’s favor?
  5. Did UBS have a well-formed IT security organization, and how did this affect the trial proceedings?
  6. As an IT security expert or manager assigned to help UBS recover from this incident, what recommendations would you make to them if you were hired as an outside consultant?

Refer to the rubric for grading criteria.

MISA 505 5.4 Individual Case Study Rubric

MISA 505 5.4 Individual Case Study Rubric

Criteria Ratings Pts

This criterion is linked to a Learning OutcomeIdentification and Analysis of the Main Issues/Problem

20.0 pts

18.0 pts

16.0 pts

14.0 pts

20.0 pts

This criterion is linked to a Learning OutcomeComments on effective solutions/strategies

20.0 pts

18.0 pts

16.0 pts

14.0 pts

20.0 pts

This criterion is linked to a Learning OutcomeAnswers to Case Study Questions

30.0 pts

27.0 pts

24.0 pts

21.0 pts

30.0 pts

This criterion is linked to a Learning OutcomeStyle and Mechanics including use of APA style

30.0 pts

26.0 pts

23.0 pts

20.0 pts

30.0 pts

Total Points: 100.0