Is Sergey Aleynikov Really a Russian Spy who stole Trade Secrets that Could Cost Goldman Sachs Millions?

A top story of the day on many of the news outlets is about Sergey Aleynikov, the thirty-nine year-old former vice president who allegedly stole trade secrets from Goldman Sachs and stored them on a foreign server. The breathless headlines are staggering. Code theft could cost Goldman millions, US says, To Catch a Rogue Quant, Russian Said to Be Ex-Goldman Worker Charged in Theft and The Dumbest Man at Goldman Sachs.

As President Obama visits Russia, the homeland security, terrorism and anti-immigrant blogs are abuzz about the alleged Russian spy. You have to look hard to find the headline, Goldman sees no impact from computer programmer-source. It isn’t as exciting.

Before Aleynikov is hung for international espionage, I thought it would be good to dig a little bit deeper into what happened. According to the an affidavit by Michael G. McSwain entered into the Southern District of New York, FBI agent McSwain charges Mr. Aleynikov with “unlawfully, willfully, and knowingly, without authorization, copied, duplicated, sketched, drew, photographed, downloaded, uploaded, altered, destroyed, photocopied, replicated, transmitted, delivered, sent, mailed, communicated and conveyed, a trade secret that is related to and included in a product that is produced for and place in interstate and foreign commerce with the intent to convert that trade secret to the economic benefit of someone other than the owner thereof, and intending and knowling that the offense would injure the owner of that trade secret, to wit, Aleynikov, while in New York, New York, and elsewhere, copied, without authorization, proprietary computer code belonging to a financial institution in the United States and then uploaded the code to a computer server in Germany.”

The second charge is that “the defendant, unlawfully, willfully and knowingly, transported, transmitted, and transferred in interstate and foreign commerce goods, wares, merchandise, securities and money, of the value pf [sic] $5,000 and more knowing the same to have been stolen, converted and taken by fraud”

The affidavit continues by talking about a software platform that the financial institutes uses “to engage in sophisticated, high-speed, and high-volume trades on various stocks and commodities markets... The speed and efficiency by which the Platform obtains and processes market data allows the Financial Institution to employ additional programs that use sophisticated mathematical formulas to place automated trades… The trades made through the Platform typically generate many millions of dollars of profits per year for the Financial Institution.” It says that the firm has spent millions of dollars developing the computer programs and considers the computer programs confidential and proprietary.

The affidavit notes that when Aleynikov resigned from the firm on or about June 5th his annual salary was approximately $400,000. According to the affidavit, Aleynikov’s boss claimed that Aleynikov had resigned to work for another high volume automated trading firm which was to pay him approximately three times his annual salary.

Between June 1st and June 5th, the affidavit alleges that Aleynikov uploaded approximately 32 megabytes of data. It gets into the technology a little bit. Apparently Aleynikov used the bash shell as his command prompt, most likely on a Linux box. The .history file in bash shows the commands that were executed, and this is what Goldman Sachs is basing their allegations on.

From this, they claim that Aleynikov “copied, compressed, and merged certain files containing code for the Platform and some associated programs”. Any proficient linux users would guess that he used the tar command to copy a bunch of files into an archive and then gzip to compress them. This is a standard procedure for backing up and saving copies of programs. It is also worth explaining for people that are not techies that ‘code’ isn’t some sort of secret codes to encrypt and decrypt top secret messages. ‘code’ is a standard phrase to talk about computer programs. Writing a computer program is called ‘coding’, and the resulting program is called ‘code’. The affidavit notes that the backed up software was then encrypted. It is hard to tell from the affidavit what was really done there.

The affidavit goes on to say that “Based on a search of the Website’s URL on a publically-available database, it appears that the Website is registered to an individual with an address in London, United Kingdom, and associated with a computer server located in Germany. Based upon information provided by Financial Institution representatives, it appears that the Website, similar to an electronic document-management system, allows users to upload, save, and manage different versions of software code that the user is editing.

I wondered if I could figure out what server that might be. This website is using a content management system called “Drupal”. You can upload and download programs, “code”, from their website. However, it is registered to Dries Buytaert in Antwerp Belgium. I’ve seen that Mr. Aleynikov has contributed software to cpan. which belongs to The Perl Institute from Largo, Florida. However, the administrative contact is Elaine Ashton from Helsinki, Finland.

So, I haven’t been able to guess which server he was using, but if what he was doing was checking in some open source software, it would be reasonable to find him using a server in Germany that is registered to someone in England.

In the section of the affidavit describing the arrest, we find that ‘Aleynikov wrote that, on or about June 5, 2009, he copied and encrypted files from the Financial Instition’s server, uploaded those files to the Website and then deleted the encryption software and bash history. Thereafter, Aleynikov downloaded the files from the Website to his home computer, his laptop computer, and a portable memory device. Aleynikov claimed, however, that he only intended to collect “open source” files on which he had worked.” This fits with my thoughts above about open source software. He goes on to say that “later he realized that he had obtained more files than he intended.” Anyone who has backed up all the files in there directories should not be surprised by such a claim. I suspect anyone who has ever backed up files often backs up more than they really want.

In terms of Mr. Aleynikov’s claim that he was working on Open Source software, a quick check of the Perl archives shows two different project that he has worked on, Devel::Assert and Exception::SEH - rich try/catch/finally semantics. It is reasonable to assume that a little more research would find additional open source work by Mr. Aleynikov.

It is worth noting that this work is unlikely to be part of ‘The Platform’. When you are trying to get low-latency trading information processed, you are not likely to do it in Perl.

The article The Dumbest Man at Goldman Sachs chastises Mr. Aleynikov for using LinkedIn to provide information about himself. It is from this that people have determined that he worked at Goldman Sachs. However, his use of LinkedIn is only dumb if you assume, like I believe Dan Freed is incorrectly assuming, that Mr. Aleynikov is guilty and believes he needs to hide things. The fact that he provided information to the FBI upon his arrest and the other information available, leads me to believe that Mr. Aleynikov is simply another bright open source programmer that wants to share information.

From his LinkedIn page, we find that he was Director of Routing R&D at IDT Corp. Further searches reveal a patent in his name that IDT applied for in August 2008 on Strategic Telecom Optimized Routing Machine. His LinkedIn page describes his work at Goldman Sachs as including:

Lead development of a distributed real-time co-located high-frequency trading (HFT) platform. The main objective was to engineer a very low latency (microseconds) event-driven market data processing, strategy, and order submission engine.

It would seem as if his work on an optimized routing machine at IDT would be good groundwork for his work at Goldman Sachs. As such, it seems dubious that the trade secrets are really all that secret. If they are all that secret, they probably belong to IDT and not Goldman Sachs.

Bloomberg reports that Mr. Aleynikov was leaving Goldman Sachs to join Chicago based Teza Technologies LLC. Teza was co-founded by Misha Malyshev who had been a trader at Citadel Investment Group LLC. Apparently Teva is a new firm, just trying to get going and was tapping Aleynikov’s talent in hopes of building a high frequency trading strategy.

The idea of high frequency trading strategies isn’t really all that sophisticated. You want to retrieve and process market data values faster than anyone else. If you find that a price is lower than you think it ought to be quicker than anyone else, you buy and then you sell when you find that price is higher than you think it ought to be. There are plenty of ways to determine what prices ought to be and it is a never ending arms race to be just a few microseconds faster than someone else’s calculations.

Yes, if Teva, or some other firm managed to illegally steal information that made it so that they could be as quick as Goldman Sachs, that would hurt Goldman, until Goldman came up with something quicker. Based on this, I doubt that Teva really was looking to steal Goldman’s code. Instead, they wanted to get Mr. Aleynikov’s knowledge of routing machines, knowledge that he had before he went to Goldman and certainly didn’t need to copy files to maintain that knowledge. With his knowledge he could help Teva build something even better than he built at Goldman.

I suspect that this gets to a much more closer view of what happened. Whenever someone leaves a job, they clean out their desk and take their personal belongings with them. These days, more and more of our personal belongings are files stored on company computers. My personal guess is that Mr. Aleynikov cleaned out his virtual desktop by backing up files to a server in Germany. He may, or may not, have included in his virtual briefcase material that was confidential, but if he did, I believe it was inadvertent.

The real question is why did this become a front page story? Perhaps Mr. Aleynikov’s boss has read a few too many spy novels. More likely, he was suffering from a narcissistic injury of losing his best worker and he lashed out in whatever way he could. I’ve seen that sort of behavior many times on Wall Street. Masters of the Universe are rarely masters of their own emotions.

I believe this has been compounded by poor journalism as folks play up the aspect of Mr. Aleynikov’s heritage. Everyone loves a good story about a Russian spy even if it is misleading. Others are fascinated by the sophisticated calculations that these program traders, even though when you get right down to it, there isn’t really anything all that sophisticated or fascinating about the calculations.

This has been a long answer presenting my thoughts on the question, “Is Sergey Aleynikov Really a Russian Spy who stole Trade Secrets that Could Cost Goldman Sachs Millions?” The short answer, I believe, is “no”.

(Originally posted at Toomre Capital Markets.)

(Categories: )