FBI Arrest Former Susquehanna International Group Engineer For Code-Theft Scheme

ROCKLAND COUNTY, NY — A software engineer who lives in Rockland County was charged Thursday with attempted theft of trade secrets. Prosecutors say he was out to steal proprietary computer code for a trading platform from his employer, a financial services firm with an office in New York City that trades securities and other financial products.

Dmitry Sazonov was arrested Wednesday afternoon and presented Thursday before U.S. Magistrate Judge Andrew J. Peck in federal court, Acting U.S. Attorney Joon H. Kim said.

“As alleged, Dmitry Sazonov attempted to steal valuable proprietary computer code that took his employer years to develop,” Kim said in the announcement. “Sazonov allegedly took elaborate steps to conceal his attempted theft, including camouflaging pieces of source code within harmless-looking draft emails on his work computer. Thanks to the FBI, Sazonov has been stopped and is now in custody.”

According to the allegations contained in the Complaint unsealed Thursday, the company where Sazonov used to work acts as a market maker, facilitating trading and liquidity in a variety of financial markets.

A substantial portion of the trading done by its employees is facilitated by a proprietary trading platform which deploys a computer program to take in many different pieces of market data, to use that data to develop trading strategies, and then to generate orders and automatically submit those orders to an exchange or market center.

The firm executes approximately $300 million in options trades through the Trading Platform every day.

For the last five years, the company has been in the process of developing an updated and improved version of the Trading Platform. So far, prosecutors said, it has, invested more than approximately $5 million in the development of the Updated Trading Platform, which company officials expect to enhance its position. Accordingly, the firm has put in place measures designed to protect the computer source code.

From July 2004 through Feb. 6, 2017, Sazonov was employed as a software engineer there and was involved in the development of trading strategies to be implemented in conjunction with the deployment of the Updated Trading Platform.

Then on Feb. 2, prosecutors allege, Sazonov learned that his immediate supervisor had resigned and began looking for a new job; on Feb 3, he learned that he would be meeting with another supervisor about the future of his role at the company the following Monday.

Before that meeting took place, Sazonov tried to steal the Source Code. On the morning of Feb. 6, prosecutors allege he downloaded the Source Code to his company computer. He ran Internet searches and viewed websites related to steganography, the practice of concealing messages or data within other files, among other things.

He then deployed a computer program that appears to have used steganography, in order to break up a PDF file believed to contain the Source Code, and append pieces of the PDF file to various apparently innocuous documents and files contained in a folder on his desktop computer, including personal tax and immigration documents and images taken from the Internet, among others.

The program also appears to have produced a manifest, permitting the reassembly of the Source Code from the various Payload Documents.

He used his computer to upload an encrypted zip file containing the manifest to a third-party website and also saved two draft emails to his Firm-1 email account, attaching the encrypted zip file containing the manifest to one email and a zip file containing the Payload Documents to the other email.

He didn’t send send the emails before reporting to the meeting with the supervisor.

But, in the course of that meeting, he was fired. After being fired, prosecutors said, he repeatedly asked to be permitted to return to his desk to retrieve files from his computer.

Pursuant to company policy, however, he was not permitted to return to his desk prior to being escorted out of the office.

On multiple occasions following his termination, prosecutors say Sazonov contacted former co-workers by telephone and by email seeking the return of computer files on his desktop computer, which he claimed were personal documents. On April 12, Sazonov reported to the lobby of the building in which the firm is located and retrieved a disk he believed contained those files. He was subsequently arrested.

FBI Assistant Director-in-Charge William F. Sweeney Jr. said: “As we allege, Sazonov went to great lengths to conceal source code for a trading platform in order to steal it from his former employer. He researched and ultimately used the technique of steganography to hide the code within other PDF files like personal tax and immigration documents on his work computer. He also uploaded encrypted zip files to a third-party website to complete his heist.

Stealing from an employer is a serious offense especially when it comes to proprietary source code that companies have invested heavily in, and that they rely on to generate revenue. The FBI is committed to enforcing laws that protect U.S. companies from the theft of trade secrets.”

Sazonov, 44, of Rockland County, New York, is charged with one count of attempted theft of trade secrets, which carries a maximum sentence of 10 years in prison and a maximum fine of $250,000 or twice the gross gain or loss from the offense.

The maximum potential sentence in this case is prescribed by Congress and is provided here for informational purposes only, as any sentencing of the defendant will be determined by the judge.

The case is being prosecuted by the Office’s Complex Frauds and Cybercrime Unit. Assistant U.S. Attorney Katherine Reilly is in charge of the prosecution.

The charges contained in the Complaint are merely accusations, and the defendant is presumed innocent unless and until provenguilty.

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply