Federal Reserve contractor charged with source code theft
A developer faces up to 10 years in prison for copying the source code of a sensitive financial program
IDG News Service - A Federal Reserve contractor has been charged with copying the source code of software that keeps track of large exchanges of money between U.S. government agencies.
Bo Zhang, who lives in Queens, N.Y., worked for the Reserve Bank of New York as a computer programmer on behalf of an unnamed third-party contracting firm. He was arrested Wednesday and released on US$200,000 bail. He faces up to 10 years in prison and a $250,000 fine.
"Zhang took advantage of the access that came with his trusted position to steal highly sensitive proprietary software," said Janice Fedarcyk, Federal Bureau of Investigation assistant director-in-charge, in a statement.
Although Zhang is a Chinese national employed in the U.S. through a work visa, the FBI gave no indication that the alleged theft was espionage. "His intentions with regard to that software are immaterial. Stealing it and copying it threatened the security of vitally important source code," Fedarcyk said.
The program he allegedly copied, the Government-wide Accounting and Reporting Program (GWA), keeps track of money that is transferred among different U.S. government agencies. The U.S. Treasury Department authored the program, which cost almost $10 million to develop.
The Federal Reserve first discovered the breach and turned it over to the FBI.
The Federal Reserve Board of New York maintained GWA in an access-controlled electronic repository, along with the source code for the program. In July 2011, Zhang allegedly copied the code onto a portable hard drive and transferred it to his private office computer as well as onto a number of personal computers. According to the FBI, Zhang admitted that he had used the code for his private business, teaching computer programming.
Insider theft of software is becoming a more prevalent problem for large enterprises now that handheld thumb drives capable of storing gigabytes of information are widely available, said Keith Kupferschmid, senior vice president for intellectual property policy for the Software and Information Industry Association. Asset management software can help organizations more closely monitor against such cases of theft, though organizations may still be vulnerable to maliciously minded insiders who intimately know how the organization's systems work.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Who's Spying on You? You're aware of the threats of malware to your business but what about the ever-changing ground rules? Cybercriminals today are launching attacks against...
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Mobile Applications Case Study: 8 Billion Transactions a Day The story documents how the online brokerage company tradeMONSTER created a custom mobile app and the success gleaned from this initiative. Also covered...
- Who's afraid of the big (data) bad wolf? Survive the big data storm by getting ahead of integration and governance functional requirements This paper provides a detailed review of the best practices clients should consider before embarking on their big data integration projects.
- Mobile Apps and Devices Slash Customer Cycle Time Consolidated Engineering Laboratories' field employees used to collect data on triplicate forms that were sometimes hard to read and difficult to manage. After...
- Cloud Knowledge Vault Learn how your organization can benefit from the scalability, flexibility, and performance that the cloud offers through the short videos and other resources... All Cybercrime and Hacking White Papers | Webcasts