Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Security Crime IT

Wall Street IT Engineer Hacks Employer To See If He'll Be Fired (bleepingcomputer.com) 198

An anonymous reader writes: A Wall Street engineer was arrested for planting credentials-logging malware on his company's servers. According to an FBI affidavit, the engineer used these credentials to log into fellow employees' accounts. The engineer claims he did so only because he heard rumors of an acquisition and wanted to make sure he wouldn't be let go. In reality, the employee did look at archived email inboxes, but he also stole encryption keys needed to access the protected source code of his employer's trading platform and trading algorithms.

Using his access to the company's Unix network (which he gained after a promotion last year), the employee then rerouted traffic through backup servers in order to avoid the company's traffic monitoring solution and steal the company's source code. The employee was caught after he kept intruding and disconnecting another employee's RDP session. The employee understood someone hacked his account and logged the attacker's unique identifier. Showing his total lack of understanding for how technology, logging and legal investigations work, the employee admitted via email to a fellow employee that he installed malware on the servers and hacked other employees.

This discussion has been archived. No new comments can be posted.

Wall Street IT Engineer Hacks Employer To See If He'll Be Fired

Comments Filter:
  • by Anonymous Coward on Sunday April 23, 2017 @11:54PM (#54290227)

    Yes...

  • Idiot. (Score:5, Interesting)

    by YukariHirai ( 2674609 ) on Monday April 24, 2017 @12:02AM (#54290253)

    It didn't seem to occur to him that if he hacked them, it would make the answer to the question of "will he be fired?" a very definite "yes".

    Of course, that's if we take his claims at face value; he was clearly looking to get a lot of other stuff, and that's the best excuse he could find. But he's still an idiot for thinking he wouldn't get caught and admitting in an email that he did it.

    • He just needed to be sure!
    • Unless that is, someone else hacked his email to confess on his behalf. And then, the entire story makes more sense.

      • by Dr. Evil ( 3501 )

        You're right, the story doesn't make sense. The only thing which seems certain is that this guy was caught performing corporate espionage.

        His explanation should be assumed to be a lie.

  • by Frosty Piss ( 770223 ) * on Monday April 24, 2017 @12:05AM (#54290255)

    So a guy hacks his employer to steal proprietary code, gets caught and arrested? Who would have thought!

    • Re:Wow. (Score:5, Funny)

      by lucm ( 889690 ) on Monday April 24, 2017 @12:26AM (#54290311)

      The guy hacked A UNIX NETWORK! I heard those networks are hardcore, some even use the vi protocol to load balance the kernel across multiple NFS loopbacks. It's basically POSIX grade security with layers upon layers of nmaps.

      • The guy hacked A UNIX NETWORK! I heard those networks are hardcore, some even use the vi protocol to load balance the kernel across multiple NFS loopbacks. It's basically POSIX grade security with layers upon layers of nmaps.

        But is this UNIX webscale ? And does it enough Apps to synergize the user experience integration with cyberwarfare cryptosecurity ?

      • Comment removed based on user account deletion
        • CBS is the same network that put out CSI: Cyber. If you're going to joke about a bad show, at least aim for the lower-hanging fruit.

          • Comment removed based on user account deletion
            • we're also looking into commissioning a pilot for a new show called NCIS:Cyber, featuring the Naval Criminal Intelligence agencies that protect our brave Marines from hackers.

              ... and protect them against vaping also, I hope?

      • The guy hacked A UNIX NETWORK! I heard those networks are hardcore, some even use the vi protocol to load balance the kernel across multiple NFS loopbacks. It's basically POSIX grade security with layers upon layers of nmaps.

        This wouldn't have happened on a Windows network.

    • Re:Wow. (Score:5, Insightful)

      by Opportunist ( 166417 ) on Monday April 24, 2017 @05:21AM (#54290901)

      Should've gone into finance, embezzle some millions and pay a few thousands as a fine instead. Far more profitable.

      • Should have become a financial executive, cause a global financial downturn, and get a couple billion in bonuses.

        • Well, if you could bullshit a couple million employers into taking pay cut after pay cut by pretending there was a crisis while everyone on C-Level gets to rake in bonus after bonus, I bet everyone at C-Level would agree that you deserve those billions, too.

  • by __aaclcg7560 ( 824291 ) on Monday April 24, 2017 @12:13AM (#54290275)

    Meanwhile, the last guy who stole code from Wall Street, Sergey Aleynikov, who inspired the book, "Flash Boys: A Wall Street Revolt" [amzn.to] by Michael Lewis, is still in the legal system after eight year.

    http://nypost.com/2017/02/23/ex-goldman-programmer-appeals-court-conviction/ [nypost.com]

    • @Sergey Aleynikov (Score:4, Interesting)

      by Anonymous Coward on Monday April 24, 2017 @12:35AM (#54290325)

      "Aleynikov worked as a programmer for Goldman’s high-frequency trading operation until 2009, when he left to take a similar job at a Chicago firm, Teza Technologies....Aleynikov made a copy of the bank’s source code. Goldman complained to the FBI, which arrested Aleynikov at Newark airport.....Aleynikov doesn’t dispute he took the code, but claims he wanted to study it. His lawyer says that he didn’t break any criminal laws, and the matter should be a civil dispute."

      Sort of reminds me of a certain Uber employee who took 19000 documents from Google on their self driving car, and insists he never read them and in no way have they been used by Uber, which bought his 'skills' when they aquired his self driving company.

      Once upon of time this was corporate espionage, now it seems to be common place.

      • Once upon of time this was corporate espionage, now it seems to be common place.

        Except what he stole was source code files that contain modifications (some of it his own code that he developed outside of work) for open source programs. His company called the FBI to keep a star programmer from working someone else. The FBI thought they had a Russian spy because they didn't understand what he did or didn't do as a programmer. He beat the rap twice in the last eight years. Now that he has a new job lined up doing the same kind of work that he has done before, the case got revived.

        • Except what he stole was source code files that contain modifications (some of it his own code that he developed outside of work) for open source programs....

          That would be depended on the contract he signed with his ex-employer. Often times, a contract would include certain clauses that will cover all the works you do (even outside of work hours) to belong to the company as work-for-hire while you are hired to work for the company. Then he could be in trouble. There were many cases about this kind of infamous contract iirc...

          • There were many cases about this kind of infamous contract iirc.

            The company and government are trying to make this a criminal case and so far had lost twice on appeal. The programmer and his attorney are trying to turn this into a civil case. If he doesn't win the appeal for a third time, he will face four years of prison time.

        • I don't know of open source licenses that require divulging of private changes. The GPLs require that you distribute source code if you distribute binaries or other processed code, and that all distribution be under the appropriate GPL. BSD-type licenses have no such restrictions. If a company modifies F/OSS for private use, and does not distribute, nobody outside the company has the right to copy it.

          If he developed code outside of work, he may or may not be entitled to it, depending on the law in the

    • >Manhattan DA Cyrus Vance

      This explains everything, his relatives are GS legal counsels

  • Rookie (Score:5, Funny)

    by plopez ( 54068 ) on Monday April 24, 2017 @12:23AM (#54290301) Journal

    Typical shenanigans of a newly minted Admin who thinks he suddenly is the master of the universe. I doubt he is even the master of his own domain.

    • Re:Rookie (Score:5, Funny)

      by SeaFox ( 739806 ) on Monday April 24, 2017 @01:19AM (#54290423)

      I doubt he is even the master of his own domain.

      Well, he'll likely have a cellmate, so I should say not.

    • by rtb61 ( 674572 )

      I'll bet the paranoia about the code is because that's where the real shenanigans are going on. Likely KCGs algorithms are better at tracking insider trading than the SECs hence the desperate need for secrecy, not to report the insider trading but to join in. There are real patterns based around insider trading and the claims of worthwhile patterns in regular trading are just a pipe dream.

      • Re: (Score:2, Interesting)

        by Anonymous Coward

        > Likely KCGs algorithms are better at tracking insider trading than the SECs hence the desperate need for secrecy

        You think you're kidding. I've actually seen spam filters tuned to detect outgoing "insider information" for review before letting the mail pass. The critical email they were filtering was actually about criminal activity, so it made extra sense to keep it secret. The filter tools were kept on a *very* locked down system, the nature of the inappropriate content was never disclosed in the aler

  • Blaming your actions and choices n prior choices made by someone else is just plain immature and reeks of the "Well *he* started it..." line that virtually every parent has heard from their kids when trying to diffuse a situation involving them with another child.

    I'm just somewhat surprised that someone who apparently hasn't grasped the concept of personal accountability has a good enough work ethic to even get a job where they would have the ability to do what he did.

  • .... and it never even occurred to him to just go and politely ask someone closer to the top?

    How do people like this even have enough brain cells to remember to breathe, let alone perform technically advanced jobs?

    • it never even occurred to him to just go and politely ask someone closer to the top?

      Have you ever actually had a job in anything other than a one man band?

      • by mark-t ( 151149 )
        I'm suggesting that if you work for people you don't trust, then you are working for the wrong people anyways... you are dissatisfied enough with your job that you should be by all rights trying to find another job already, and quitting at the earliest opportunity. At that point, whether they are actually intending to lay you off or not should be entirely irrelevant to you because even if they intended to let you go, you're already intent on leaving, so nothing of value is lost.
  • by chthon ( 580889 ) on Monday April 24, 2017 @01:17AM (#54290419) Journal

    If he wasn't aware of the possible consequences of his actions, then he isn't an engineer.

  • Oh my (Score:5, Informative)

    by buss_error ( 142273 ) on Monday April 24, 2017 @02:06AM (#54290517) Homepage Journal

    I am employed by a company I love working for, with I boss I think is wonderful. I expect to be terminated shortly, for reasons that are partly -my- fault, party just business.

    Yeah, I'd totally not even think of doing something like this. First of all, it's completely unethical. Second, it's against my ethics. Third, it violated the System Administrators Oath.

    https://lopsa.org/CodeOfEthics [lopsa.org]

    • by Lumpy ( 12016 )

      I love working for, with I boss I think is wonderful.

      you have an iBoss?

      NEAT! I did not know that apple was shipping those yet. What OS version is he running?

  • by SpaghettiPattern ( 609814 ) on Monday April 24, 2017 @02:21AM (#54290537)

    Anything worth doing is worth overdoing. A hail to code optimization!

    Initially, the optimized function bool::willIBefired() will always return true.

    After optimization the result actually must be one of true or false.

    Lesson learned: Don't let context influence optimization.

  • Knowing wall street firms, they will be kind to their fellow criminals and use him to hack their rival firms, one would think.
    • by Dr. Evil ( 3501 )

      I suspect he was planning to market the data, or already had a buyer. His explanation doesn't make sense.

  • Seriously, what sort of a dumbass do you need to be to not think you'll be fired after this. Normally ethically functioning people will update their resumes and web sites and as a side bet apply for a few jobs.

  • I worked for a certain state agency. They used QMAIL and if you don't know all mail is stored as a flat file. So on occasion we'rd have to manually edit that mail file to snip out something that would cause POP and IMAP clients to freak out. One day our Admin Director is having email troubles so I go back to my desk and she tags along. She was aghast that I could read her email. I explained there was way too much integrity among IT staff and we'd never disclose what we saw.
    • I almost never see anyone outside the field who realizes how much trust organizations have to put into IT and likely developers.

  • Showing his total lack of understanding for how technology, logging and legal investigations work, the employee admitted via email to a fellow employee that he installed malware on the servers and hacked other employees.

    This doesn't gibe with the previous paragraph.

  • That smart people can be drooling idiots.

    Social engineering would have got him a LOT more information with no trail of evidence. But then that is asking an engineer to do social interaction... Not something they are capable of.

  • Fear (Score:4, Interesting)

    by luis_a_espinal ( 1810296 ) on Monday April 24, 2017 @08:43AM (#54291455)

    Wall Street IT Engineer Hacks Employer To See If He'll Be Fired

    What is it with people in this industry who fear getting laid off (or fired, which is distinct)? You should expect a turnover every 4-5 years and plan accordingly. Unless you live in the middle of nowhere where employers are scarce (NYC certainly does not fit that label), all you need to do is brush up your skills, be proactive and cultivate a professional network to survive turn-overs.

    If you are passive and lackadaisical with your career, however, I can see why you'd shit bricks every so often enough to think hacking your employer this way is a good idea :/

    • You should expect a turnover every 4-5 years and plan accordingly.

      Before the Great Recession, I used to switch jobs every three years, sometimes at the same company or a different company. After the Great Recession, I worked whatever contracting job I could land. A contract can last anywhere from four hours, days, weeks, months or years. I'm currently halfway through a five-year contract in government IT.

      • You should expect a turnover every 4-5 years and plan accordingly.

        Before the Great Recession, I used to switch jobs every three years, sometimes at the same company or a different company. After the Great Recession, I worked whatever contracting job I could land. A contract can last anywhere from four hours, days, weeks, months or years. I'm currently halfway through a five-year contract in government IT.

        To me, cycling through short-term contracts is not turnover. That's just being part of being a contractor (I've done more contract jobs than permanent ones.) And you adjust to it. But when we land a long-term contracting job or a permanent gig, the clock begins ticking. And once it goes past the 4-year mark, it is time to have backup plans before the churn hits again.

  • by hey! ( 33014 ) on Monday April 24, 2017 @09:27AM (#54291663) Homepage Journal

    You know, the one where a kid figured out how to refine thorium by reading the Golden Book of Chemistry and turned his mother's garden shed into a Superfund site.

    The moral of the story is that even a stupid human being can be pretty smart. Particularly a sufficiently motivated stupid person.

    Of course it also helps that intelligence comes in different flavors. Some people are good at spatial reasoning, others are good at verbal reasoning. But we often overlook social reasoning because it's not part of the traditional IQ tests. I think another reason that Social IQ testing hasn't caught on is that there is good reason to believe that social reasoning ability isn't fixed. Changes in attitude can strongly impair or enhance an individual's ability to process social information.

    Which leads to the flip side of the stupid people being able to be smart: even smart people can be stupid, particularly in making social judgments.

    • The moral of the story is that even a stupid human being can be pretty smart. Particularly a sufficiently motivated stupid person.

      That's an odd thing to say, since stupid is the antonym of smart. I think what you meant to say is:

      The moral of the story is that even a foolish human being can be pretty smart. Particularly a sufficiently-motivated fool.

      Foolishness is the opposite of wisdom, and the foolish/wise axis is roughly orthogonal to the stupid/smart axis.

      Of course it also helps that intelligence comes in different flavors. Some people are good at spatial reasoning, others are good at verbal reasoning. But we often overlook social reasoning because it's not part of the traditional IQ tests. I think another reason that Social IQ testing hasn't caught on is that there is good reason to believe that social reasoning ability isn't fixed. Changes in attitude can strongly impair or enhance an individual's ability to process social information.

      I don't think this has anything to do with social intelligence. It's perfectly possible to have high intelligence across every category, including social intelligence, and st

      • by hey! ( 33014 )

        Actually, I meant what I said.

        Intelligence is a generalized measure of capacity, but actual intellectual performance depends strongly upon motivation. Thus, an obsessed person with an IQ of 100 can sometimes accomplish feats that would elude people with significantly higher IQ. It's a mistake to underestimate the potential intellectual performance of someone because he is relatively dumb.

        It's perfectly possible to have high intelligence across every category, including social intelligence, and still be foolish.

        While this may be true, I think it is impossible to anticipate someone's actual social reasoning performance from any m

        • Actually, I meant what I said.

          Then you're just wrong, because decisions like this guy made have basically nothing to do with any sort of intelligence, and certainly not social intelligence (not by any definition of that phrase that I've ever seen). They do have something to do with motivation, but it's about the goal of the motivation, not the degree.

          It's perfectly possible to have high intelligence across every category, including social intelligence, and still be foolish.

          While this may be true, I think it is impossible to anticipate someone's actual social reasoning performance from any measure of social reasoning capacity to any useful degree.

          Likely true,

  • This is the very definition. This guy was dumb - seriously... the depth of hacking he did was amazing. You'd think at some level one might step back and think "well if they weren't going to lay me off.... this step will definitely get me **fired**"

    Extra years for "dumb-assery"

  • The attack was fairly sophisticated and perhaps the "fear of getting fired" story was simply that, a cover story. It seems like the real target was the source code.

The reward for working hard is more hard work.

Working...