informa
/
Risk
Quick Hits

Federal Reserve Bank Contractor Arrested For Alleged Code Theft

Suspect admitted to stealing U.S. Treasury Dept.-owned program from the bank for use in his own private business
A government contractor is in custody for allegedly stealing proprietary software code from the Federal Reserve Bank of New York.

The FBI and U.S. Attorney for the Southern District of New York yesterday announced that Bo Zhang, 32, of Queens, N.Y., admitted to stealing the Government-Wide Accounting and Reporting Program (GWA) from the bank in July 2011 while he worked there as a contractor developing a piece of the GWA source code. He allegedly copied the GWA code onto an external hard drive owned by the bank and used it in a private computer programming training business.

“As today’s case demonstrates, our cyber infrastructure is vulnerable not only to cybercriminals and hackers, but also alleged thieves like Bo Zhang who used his position as a contract employee to steal government intellectual property. Fighting cyber crime is one of the top priorities of this office and we will aggressively pursue anyone who puts our computer security at risk,” said Manhattan U.S. Attorney Preet Bharara in a statement.

And FBI assistant director in charge Janice K. Fedarcyk said in a statement: “Zhang took advantage of the access that came with his trusted position to steal highly sensitive proprietary software. His intentions with regard to that software are immaterial. Stealing it and copying it threatened the security of vitally important source code.”

The $9.5 million GWA software application is owned by the U.S. Treasury Department, and tracks U.S. government finances. It handles ledger accounting within Treasury and account statements to federal agency bank customers. The source code is housed in “an access-controlled” database at the Federal Reserve Board of New York, where it’s under further development by the bank, according to the DOJ.

If convicted, Zhang could face a maximum prison sentence of 10 years, up to three years of supervised release, and up to $250,000 in fines.

Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Recommended Reading:
Editors' Choice
Kirsten Powell, Senior Manager for Security & Risk Management at Adobe
Joshua Goldfarb, Director of Product Management at F5