Programmer accused of stealing proprietary code from financial firm

Article

Programmer accused of stealing proprietary code from financial firm

SearchFinancialSecurity.com Staff

Authorities arrested a computer programmer suspected of stealing code included in the proprietary trading system of his former employer.

    Requires Free Membership to View

    Login

    SearchFinancialSecurity.com members gain immediate and unlimited access to in-depth technical advice, strategies, and expert guides for securing data in high-risk financial environments. Join me on SearchFinancialSecurity.com today!

    Michael S. Mimoso, Editorial Director

    By submitting your registration information to SearchFinancialSecurity.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchFinancialSecurity.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

SearchFinancialSecurity.com:
To get security news and tips delivered to your inbox, click here to sign up for our free newsletter.

FBI agents arrested Sergey Aleynikov on Friday night as he got off a flight at Newark Airport in New Jersey. He is accused of copying and uploading code belonging to the financial institution he worked for to a server in Germany.

During the first week of June, Aleynikov allegedly transferred approximately 32 megabytes of information through HTTPS to a website associated with the German server, authorities said. According to the complaint, he told his employer before June that he planned to resign and work for a company involved in high-volume automated trading, and that the firm was going to pay him three times his annual salary of $400,000.

The trade secret he allegedly stole was the underlying code for a sophisticated high-speed, high-volume trading platform that the financial institution believes gives it a competitive advantage, authorities said.

The New York financial institution is not named in the complaint, but several news organizations including Reuters, identified it as The Goldman Sachs Group Inc.

According to the complaint, the firm caught the theft through monitoring large amounts of data from its network via HTTPS. The company also recovered the suspect's "bash history," or Unix commands for managing the code related to the platform.

Upon his arrest, Aleynikov allegedly told FBI agents that he only intended to collect open source files that he had worked on but later realized he obtained more files than he intended.

Security experts constantly warn of the threat posed by insiders and say the economic crisis increases the risk. A Deloitte survey of 250 CISOs in the financial-services industry released earlier this year found that 36% of respondents believe internal threats represents the greatest risk to organizations, compared to 13% who said external threats are the biggest concern.