Photographer: Andrey Rudakov/Bloomberg
Ex-Susquehanna Engineer Avoids Prison Term in Code ‘Heist’By
Sazonov pleaded guilty to trying to access protected computer
It’s the latest case of programmers accused of data theft
A former software engineer at Susquehanna International Group LLP was given three years’ probation after being accused of an elaborate scheme to steal computer code for a trading platform by embedding it in harmless-looking draft emails hours before he was fired.
Dmitry Sazonov, who worked at the quantitative trading firm’s New York office from 2004 until his dismissal on Feb. 6, 2017, pleaded guilty last year to a misdemeanor attempt to access a protected computer. In doing so Sazonov avoided a trial on the government’s original charge of attempted trade-secrets theft, which carries a maximum sentence of 10 years.
Federal prosecutors say that when Sazonov suspected he would soon be fired, he hatched a plan to break up the stolen code from a master PDF file and embed fragments into personal documents on his work computer, including tax files, immigration papers and random images from the internet.
"The crime you committed was not a minor one," U.S. Magistrate Judge Stewart Aaron said Thursday in Manhattan federal court, citing the complex technical undertaking to break up and disguise the code. But Aaron said the sentence was appropriate because Sazonov had no prior criminal record, has a wife and children to attend to and isn’t likely to offend again.
Sazanov’s actions put Susquehanna at risk in an industry where the success of a firm’s trading strategies hinges on a “technological arms race” with code at center of the fight, said Paul Onderdonk, an executive at the firm.
“Our technology is the lifeblood of our organization,” Onderdonk said at the hearing in a victim-impact statement. “It is only through happenstance that we detected what he was up to.”
Sazonov, 45, who made about $150,000 a year at Susquehanna, apologized and said he never intended to hurt the company.
Dressed in a hooded sweater and jeans, Sazonov told the judge: "I honestly don’t really remember the couple hours of that day."
An immigrant from Russia, Sazonov moved to the U.S. in 2001 and helped develop trading strategies for a vital update to Susquehanna’s trading platform, which accounts for about $300 million in daily options trades, prosecutors said. He was tipped off to his termination when his immediate supervisor was forced to resign and he was told to attend a meeting a few days later about his future with the company.
That’s when federal prosecutors, who described Sazonov’s plan as a "heist," said he began frantically researching steganography online, the practice of concealing data within other files.
He then used a computer program to break up the code and embed pieces in multiple random files. It also included a "manifest" that allowed the stolen code to be reassembled with ease at a later date, according to prosecutors. Sazonov saved the manifest in encrypted ZIP files on his work computer and attached them to draft emails to his personal email account, just before his termination.
Prosecutors say the plan was thwarted when Susquehanna officials refused to let him return to his desk after he was fired and escorted him out of the building, depriving him of his chance to hit "send" on the drafts. He admits he re-entered the building the same day without permission in order to access the files, but got spooked and left when he saw his former colleagues standing near his desk.
Sazonov was arrested six days later when he returned to the building to retrieve a disk he believed held the files. It was given to him by an undercover federal agent.
"Mr. Sazonov’s conduct in this case is completely aberrant, entirely inconsistent with his true character," his lawyer said in sentencing documents before the hearing. He blamed Sazonov’s behavior in part on "extreme distress" caused by a "life-shattering divorce."
Sazonov also argued in court papers before his sentencing that his plan was to delete the draft emails rather that send them to himself. Prosecutors called that claim "self-serving."
The case is similar to that of former Goldman Sachs Group programmer Sergey Aleynikov, who was accused of stealing code from the bank in 2009 and spent a year in federal prison before his conviction was reversed on appeal. He was later convicted in state court in New York and is appealing. A hearing is set for March before the state’s highest court in Albany.
In April 2017, computer engineer Zhengquan Zhang was arrested and accused of stealing code for trading models and platforms from his employer, KCG Holdings Inc. Zhang, a Chinese national, has pleaded not guilty. No trial date has been set.
The case is U.S. v. Sazonov, 17-mj-02798, U.S. District Court, Southern District of New York (Manhattan).