A 10 year employee of CME Group in Chicago is alleged to have stolen trade secrets and proprietary source code used to run trading systems for the Chicago Mercantile Exchange, according to a criminal complaint filed in U.S. District Court in Illinois.
The complaint, dated June 30, 2011 and signed by FBI Special Agent Joanne Cullinan, alleges that Chunlai Yang, 49, downloaded “thousands of files” containing “source code and proprietary algorithms” used by CME to run its trading systems. The files were downloaded from a company-owned source code repository maintained by CME to Yang’s work computer, then copied them to removable “thumb” drives. The complaint also cites personal e-mail correspondence between Yang and an official in China that contained proprietary CME information.
CME Group was unable to immediately respond to a request for comment from Threatpost.
Yang was born and educated in China, but received his Ph.D in physics in the U.S and is a naturalized U.S. citizen. He had been working at CME since 2000.
The case against Yang appears to have come together quickly. According to the complaint, CME only began monitoring his activities in early May and he continued to work for the firm as late as June 27, 2011.
Forensic analysis of his hard drive and active monitoring of his activities suggests that Yang was perusing CME’s ClearCase source code repository for sensitive documents, then offloading them to portable media. The evidence against him includes screen captures showing Yang in the act of copying source code files to removable drives from his laptop.
Evidence presented in the complaint, including e-mail messages, suggest that Yang was preparing to leave CME and set up a new company, East China Technology Innovation Park Co. Ltd.” in mainland China, with Yang and two other individuals listed as sole directors and shareholders. The purpose of the company, according to e-mail messages obtained by CME, was to increase the trading volume at the Zhangjiagang chemical electronic trading market and build a futures exchange using software provided by Yang’s new company.
This isn’t the first evidence of foreign interest in the proprietary trading systems that run key U.S. markets. In March, NASDAQ reported a security breach on its systems. That was not believed to have yielded sensitive trading source code or secrets, but the U.S. National Security Agency was investigating the incident. Attacks carried out by insiders are a particular concern for organizations whose business hinges on proprietary software products and trade secrets. Threatpost’s list of the Ten Infamous Insiders includes the likes of Gary Min, a DuPont engineer believed to have made off with company secrets valued at $400 million, and Xiaodong Sheldon Meng, alleged to have passed secrets from defense contractor Quantum3D to the People’s Republic of China.