Attacks/Breaches

4/11/2017
09:50 AM
50%
50%

Computer Engineer Charged with Theft of Proprietary Computer Code

Zhengquan Zhang arrested for stealing over 3 million files containing company trade secrets from his employer, a global finance firm.

Zhengquan Zhang of California has been arrested and charged by a US federal court with stealing trade secrets from his employer, a New York financial services firm. A US Department of Justice (DoJ) release says that between March 2016 and March 2017, Zhang stole over three million files of confidential data and computer code.

According to the DoJ, Zhang stole the company’s source code for algorithmic trading models and trading platforms by installing a code that gained access to the network’s encryption keys. He allegedly also stored the stolen files on his employer’s network before installing another code to transfer the data to a third-party software development site.

William F. Sweeney Jr. of the FBI says, “Proprietary computer code may not be a tangible asset that people can observe, but it is indeed one of the most critical assets that companies possess.”

Zhang is also accused of illegally accessing the computers of his co-workers by stealing user credentials.

Read details here.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
qinezyqy
50%
50%
qinezyqy,
User Rank: Apprentice
6/27/2017 | 8:24:32 AM
it will increase
Theft like this will increase, a lot of engineers are not good persons.
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
4/11/2017 | 3:16:35 PM
Insider Threat
This is a perfect example of the potential of insider threats. Employees are a huge risk based on the nature of their involvement with the company. They have credentials that may provide them upper level access and have access to proprietary information. It just takes one disgruntled employee to leverage these responsibilities in a nefarious manner.
Russia Hacked Clinton's Computers Five Hours After Trump's Call
Robert Lemos, Technology Journalist/Data Researcher,  4/19/2019
Why We Need a 'Cleaner Internet'
Darren Anstee, Chief Technology Officer at Arbor Networks,  4/19/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-11506
PUBLISHED: 2019-04-24
In GraphicsMagick from version 1.3.30 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WriteMATLABImage of coders/mat.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to Expo...
CVE-2019-8991
PUBLISHED: 2019-04-24
The administrator web interface of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric, TIBCO ActiveMatrix Policy Director, TIBCO ActiveMatrix Service Bus, TIBCO ActiveMatrix Service Grid, TIBCO Silver Fabric Enabler for ActiveMatrix BPM, and TIB...
CVE-2019-8992
PUBLISHED: 2019-04-24
The administrative server component of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric, TIBCO ActiveMatrix Policy Director, TIBCO ActiveMatrix Service Bus, TIBCO ActiveMatrix Service Grid, TIBCO ActiveMatrix Service Grid Distribution for TIBC...
CVE-2019-8993
PUBLISHED: 2019-04-24
The administrative web server component of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric, TIBCO ActiveMatrix Policy Director, TIBCO ActiveMatrix Service Bus, TIBCO ActiveMatrix Service Grid, TIBCO ActiveMatrix Service Grid Distribution for ...
CVE-2019-8994
PUBLISHED: 2019-04-24
The workspace client of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric, and TIBCO Silver Fabric Enabler for ActiveMatrix BPM contains vulnerabilities where an authenticated user can change settings that can theoretically adversely impact oth...