Attacks/Breaches
8/28/2013
09:55 AM
Connect Directly
RSS
E-Mail
50%
50%

Feds Charge Wall Street Traders With Code Theft

Three men accused of stealing Flow Traders' proprietary high-frequency trading information and algorithms.

Three men have been charged by Manhattan district attorney Cyrus Vance Jr. with stealing proprietary information from Amsterdam-based trading house Flow Traders.

All three, who are in their 20s, were arrested earlier this month -- based on information provided by Flow Traders -- and arraigned in New York state court, The Wall Street Journal first reported. Since then, the district attorney's office, working with the Secret Service, has been investigating the related charges and obtaining search warrants, with the cooperation of Flow Traders.

A related complaint recently filed in federal court accused Glen Cressman, a trader at the firm's New York office, of emailing copies of proprietary information such as trading strategies and algorithms -- although no source code -- to himself in December 2012. The complaint charged Cressman with two counts each of unlawfully duplicating computer-related material, as well as unauthorized use of secret scientific material.

Jason Vuu, 26, who worked at Flow Traders before resigning in March, was charged with 20 counts total of the two same offenses. Vuu reportedly emailed material -- including source code -- to himself between August 2011 and August 2012, sometimes altering the names of attached files in an apparent attempt to avoid detection.

The third person to be charged, Simon Lu, is a doctoral candidate in mechanical engineering at Carnegie Mellon University, and not a Flow Traders employee, and faces three counts each on the same two offenses.

[ Want to know more about last week's Nasdaq outage? Read Nasdaq Outage Explored: 7 Facts. ]

Authorities said that Lu and Vuu became friends while studying at the Massachusetts Institute of Technology, and planned to set up their own high-frequency trading firm. According to court documents, Lu told Vuu in emails and chat sessions that obtaining Flow Traders' source code could prove valuable for setting up their business. Vuu then obtained the information and shared it with Lu via Dropbox.

Cressman hasn't been accused of being involved in the plan to set up a high-speed trading firm, and his attorney, Charles Ross, told the Journal that his client was innocent of the charges filed against him. "He was a great employee for Flow Traders. I am confident that when everything is put on the table, the case against him will completely unravel," he said.

Vuu's attorney, Jeremy Saland, admitted that his client had emailed code to himself without authorization, but said that Flow Traders had suffered no harm. "I'm confident that when the DA's office has completed their investigation they will find Flow Traders did not suffer any economic loss," Saland told Bloomberg. "Their algorithms and code weren't taken or used in any malicious way that damaged or compromised their financial security."

Lu's attorney, Paul Shechtman of Zuckerman Spaeder, told the Journal that he believes "the evidence will show that Simon never used source code from Flow Traders. We've asked the district attorney's office to keep an open mind as this moves forward."

The three men are due back in court on November 18. Even if convicted of all the charges against them, however, they face -- at most -- four years in prison. According to legal experts interviewed by the Journal, if convicted it's unlikely they'd serve any time at all.

High-frequency trading involves exploiting small stock-price fluctuations, and firms may execute an enormous number of such trades in just a fraction of a second. The algorithms underpinning those systems are closely guarded secrets, and can earn a firm hundreds of millions of dollars per year.

But the theft of related, proprietary source code and algorithms from financial firms isn't rare, according to a Wall Street & Technology report, which last year counted at least six related U.S. prosecutions since November 2010. Those cases involved employees at such banks as Goldman Sachs, Societe Generale and the Federal Reserve Bank of New York. In many instances, the accused appeared to have been motivated by the lure of higher salaries at other firms, as well as a sense of ownership over algorithms they'd helped to develop.

Expect the pace of such prosecutions to increase, as Manhattan prosecutors are reportedly readying more cases against people who've allegedly stolen code from Wall Street firms. "Employees who exploit their access to sensitive information should expect to face criminal prosecution in New York State in appropriate cases," Vance said in a statement last year.

But are stolen algorithms and valuation logic, which may involve thousands of lines of code, useful for others? Flow Traders' outside counsel, attorney Joseph DeMarco, told the Journal that the firm sees the code as "valuable intellectual property used by the company in its trading business." Marco is a former federal prosecutor who launched a computer hacking and intellectual property program working at the Manhattan U.S. Attorney's office.

But whether stolen high-frequency trading source code can be put to use in another IT environment remains a long-running debate in the financial sector. Some high-frequency trading experts say the code is intrinsically linked to the environment in which it's being run, requires teams of programmers to maintain, and thus is of little use to another organization. Others, however, such as UBS, Goldman Sachs and now Flow Traders, have aggressively pursued suspected code stealers.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
David F. Carr
50%
50%
David F. Carr,
User Rank: Apprentice
8/30/2013 | 1:26:24 PM
re: Feds Charge Wall Street Traders With Code Theft
If you're going to steal, steal BIG
Michael Endler
50%
50%
Michael Endler,
User Rank: Apprentice
8/28/2013 | 6:29:00 PM
re: Feds Charge Wall Street Traders With Code Theft
I'm oversimplifying the issue, but it's sort of ironic that prosecutions get stepped up when financial industry guys try to steal from one another. When the financial industry wrecks the economy for everyone else, though, not so much.
Medicalquack
50%
50%
Medicalquack,
User Rank: Apprentice
8/28/2013 | 4:50:43 PM
re: Feds Charge Wall Street Traders With Code Theft
I say prove it. The last case at Goldman was a farce and actually Goldman might want to look up old Sergey as I read he has some great engineering skills too:) If they found reworked code as they say, run it and see what it does. Also the traders unless they understand programming would have to be coached to determine what to share in Drop Box, a lot left out here and look at the reference to the Goldman/Sergey story from the FBI on "subversion"...if you are in tech you will laugh your fanny off at that one as the agent admits he had no clue what it was:) I wrote up my commentary on all of this...are we going to see another circus when it comes to proving theft here as a jury of peers in complex cases like this might be impossible to find and you have to watch the "experts" called in too as they can fabricate to win a case if no other experts dispute it:)

http://ducknetweb.blogspot.com...

Again find out who was "coaching" the traders on what code to put into Drop Box I say:)
RobPreston
50%
50%
RobPreston,
User Rank: Apprentice
8/28/2013 | 4:09:06 PM
re: Feds Charge Wall Street Traders With Code Theft
High-frequency trading algorithms aren't a bunch of credit card or social security numbers. Protecting (extremely valuable) intellectual property is the next frontier in information security.
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-4988
Published: 2014-07-09
Heap-based buffer overflow in the xjpegls.dll (aka JLS, JPEG-LS, or JPEG lossless) format plugin in XnView 1.99 and 1.99.1 allows remote attackers to execute arbitrary code via a crafted JLS image file.

CVE-2014-0207
Published: 2014-07-09
The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.

CVE-2014-0537
Published: 2014-07-09
Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows and OS X and before 11.2.202.394 on Linux, Adobe AIR before 14.0.0.137 on Android, Adobe AIR SDK before 14.0.0.137, and Adobe AIR SDK & Compiler before 14.0.0.137 allow attackers to bypass intended access restrictions via uns...

CVE-2014-0539
Published: 2014-07-09
Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows and OS X and before 11.2.202.394 on Linux, Adobe AIR before 14.0.0.137 on Android, Adobe AIR SDK before 14.0.0.137, and Adobe AIR SDK & Compiler before 14.0.0.137 allow attackers to bypass intended access restrictions via uns...

CVE-2014-3309
Published: 2014-07-09
The NTP implementation in Cisco IOS and IOS XE does not properly support use of the access-group command for a "deny all" configuration, which allows remote attackers to bypass intended restrictions on time synchronization via a standard query, aka Bug ID CSCuj66318.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Marilyn Cohodas and her guests look at the evolving nature of the relationship between CIO and CSO.