Attacks/Breaches
8/28/2013
09:55 AM
50%
50%

Feds Charge Wall Street Traders With Code Theft

Three men accused of stealing Flow Traders' proprietary high-frequency trading information and algorithms.

Three men have been charged by Manhattan district attorney Cyrus Vance Jr. with stealing proprietary information from Amsterdam-based trading house Flow Traders.

All three, who are in their 20s, were arrested earlier this month -- based on information provided by Flow Traders -- and arraigned in New York state court, The Wall Street Journal first reported. Since then, the district attorney's office, working with the Secret Service, has been investigating the related charges and obtaining search warrants, with the cooperation of Flow Traders.

A related complaint recently filed in federal court accused Glen Cressman, a trader at the firm's New York office, of emailing copies of proprietary information such as trading strategies and algorithms -- although no source code -- to himself in December 2012. The complaint charged Cressman with two counts each of unlawfully duplicating computer-related material, as well as unauthorized use of secret scientific material.

Jason Vuu, 26, who worked at Flow Traders before resigning in March, was charged with 20 counts total of the two same offenses. Vuu reportedly emailed material -- including source code -- to himself between August 2011 and August 2012, sometimes altering the names of attached files in an apparent attempt to avoid detection.

The third person to be charged, Simon Lu, is a doctoral candidate in mechanical engineering at Carnegie Mellon University, and not a Flow Traders employee, and faces three counts each on the same two offenses.

[ Want to know more about last week's Nasdaq outage? Read Nasdaq Outage Explored: 7 Facts. ]

Authorities said that Lu and Vuu became friends while studying at the Massachusetts Institute of Technology, and planned to set up their own high-frequency trading firm. According to court documents, Lu told Vuu in emails and chat sessions that obtaining Flow Traders' source code could prove valuable for setting up their business. Vuu then obtained the information and shared it with Lu via Dropbox.

Cressman hasn't been accused of being involved in the plan to set up a high-speed trading firm, and his attorney, Charles Ross, told the Journal that his client was innocent of the charges filed against him. "He was a great employee for Flow Traders. I am confident that when everything is put on the table, the case against him will completely unravel," he said.

Vuu's attorney, Jeremy Saland, admitted that his client had emailed code to himself without authorization, but said that Flow Traders had suffered no harm. "I'm confident that when the DA's office has completed their investigation they will find Flow Traders did not suffer any economic loss," Saland told Bloomberg. "Their algorithms and code weren't taken or used in any malicious way that damaged or compromised their financial security."

Lu's attorney, Paul Shechtman of Zuckerman Spaeder, told the Journal that he believes "the evidence will show that Simon never used source code from Flow Traders. We've asked the district attorney's office to keep an open mind as this moves forward."

The three men are due back in court on November 18. Even if convicted of all the charges against them, however, they face -- at most -- four years in prison. According to legal experts interviewed by the Journal, if convicted it's unlikely they'd serve any time at all.

High-frequency trading involves exploiting small stock-price fluctuations, and firms may execute an enormous number of such trades in just a fraction of a second. The algorithms underpinning those systems are closely guarded secrets, and can earn a firm hundreds of millions of dollars per year.

But the theft of related, proprietary source code and algorithms from financial firms isn't rare, according to a Wall Street & Technology report, which last year counted at least six related U.S. prosecutions since November 2010. Those cases involved employees at such banks as Goldman Sachs, Societe Generale and the Federal Reserve Bank of New York. In many instances, the accused appeared to have been motivated by the lure of higher salaries at other firms, as well as a sense of ownership over algorithms they'd helped to develop.

Expect the pace of such prosecutions to increase, as Manhattan prosecutors are reportedly readying more cases against people who've allegedly stolen code from Wall Street firms. "Employees who exploit their access to sensitive information should expect to face criminal prosecution in New York State in appropriate cases," Vance said in a statement last year.

But are stolen algorithms and valuation logic, which may involve thousands of lines of code, useful for others? Flow Traders' outside counsel, attorney Joseph DeMarco, told the Journal that the firm sees the code as "valuable intellectual property used by the company in its trading business." Marco is a former federal prosecutor who launched a computer hacking and intellectual property program working at the Manhattan U.S. Attorney's office.

But whether stolen high-frequency trading source code can be put to use in another IT environment remains a long-running debate in the financial sector. Some high-frequency trading experts say the code is intrinsically linked to the environment in which it's being run, requires teams of programmers to maintain, and thus is of little use to another organization. Others, however, such as UBS, Goldman Sachs and now Flow Traders, have aggressively pursued suspected code stealers.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
David F. Carr
50%
50%
David F. Carr,
User Rank: Apprentice
8/30/2013 | 1:26:24 PM
re: Feds Charge Wall Street Traders With Code Theft
If you're going to steal, steal BIG
Michael Endler
50%
50%
Michael Endler,
User Rank: Apprentice
8/28/2013 | 6:29:00 PM
re: Feds Charge Wall Street Traders With Code Theft
I'm oversimplifying the issue, but it's sort of ironic that prosecutions get stepped up when financial industry guys try to steal from one another. When the financial industry wrecks the economy for everyone else, though, not so much.
MedicalQuack
50%
50%
MedicalQuack,
User Rank: Apprentice
8/28/2013 | 4:50:43 PM
re: Feds Charge Wall Street Traders With Code Theft
I say prove it. The last case at Goldman was a farce and actually Goldman might want to look up old Sergey as I read he has some great engineering skills too:) If they found reworked code as they say, run it and see what it does. Also the traders unless they understand programming would have to be coached to determine what to share in Drop Box, a lot left out here and look at the reference to the Goldman/Sergey story from the FBI on "subversion"...if you are in tech you will laugh your fanny off at that one as the agent admits he had no clue what it was:) I wrote up my commentary on all of this...are we going to see another circus when it comes to proving theft here as a jury of peers in complex cases like this might be impossible to find and you have to watch the "experts" called in too as they can fabricate to win a case if no other experts dispute it:)

http://ducknetweb.blogspot.com...

Again find out who was "coaching" the traders on what code to put into Drop Box I say:)
RobPreston
50%
50%
RobPreston,
User Rank: Apprentice
8/28/2013 | 4:09:06 PM
re: Feds Charge Wall Street Traders With Code Theft
High-frequency trading algorithms aren't a bunch of credit card or social security numbers. Protecting (extremely valuable) intellectual property is the next frontier in information security.
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: just wondering...Thanx
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.