Federal Reserve Bank Contractor Arrested For Alleged Code TheftFederal Reserve Bank Contractor Arrested For Alleged Code Theft
Suspect admitted to stealing U.S. Treasury Dept.-owned program from the bank for use in his own private business
January 20, 2012
A government contractor is in custody for allegedly stealing proprietary software code from the Federal Reserve Bank of New York.
The FBI and U.S. Attorney for the Southern District of New York yesterday announced that Bo Zhang, 32, of Queens, N.Y., admitted to stealing the Government-Wide Accounting and Reporting Program (GWA) from the bank in July 2011 while he worked there as a contractor developing a piece of the GWA source code. He allegedly copied the GWA code onto an external hard drive owned by the bank and used it in a private computer programming training business.
“As today’s case demonstrates, our cyber infrastructure is vulnerable not only to cybercriminals and hackers, but also alleged thieves like Bo Zhang who used his position as a contract employee to steal government intellectual property. Fighting cyber crime is one of the top priorities of this office and we will aggressively pursue anyone who puts our computer security at risk,” said Manhattan U.S. Attorney Preet Bharara in a statement.
And FBI assistant director in charge Janice K. Fedarcyk said in a statement: “Zhang took advantage of the access that came with his trusted position to steal highly sensitive proprietary software. His intentions with regard to that software are immaterial. Stealing it and copying it threatened the security of vitally important source code.”
The $9.5 million GWA software application is owned by the U.S. Treasury Department, and tracks U.S. government finances. It handles ledger accounting within Treasury and account statements to federal agency bank customers. The source code is housed in “an access-controlled” database at the Federal Reserve Board of New York, where it’s under further development by the bank, according to the DOJ.
If convicted, Zhang could face a maximum prison sentence of 10 years, up to three years of supervised release, and up to $250,000 in fines.
Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.
About the Author(s)
Tricks to Boost Your Threat Hunting GameNov 06, 2023
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
9 Traits You Need to Succeed as a Cybersecurity Leader
The Ultimate Guide to the CISSP
Gone Phishing: How to Defend Against Persistent Phishing Attempts Targeting Your Organization
Building Immunity: The 2021 Healthcare and Pharmaceutical Industry Cyber Threat Landscape Report
Build a Case for a Password Manager