Assignment 2: Review of Business Fraud
ACC 565 – Accounting Information Systems
July 28, 2012
Summary of United States vs. Bo Zhang
Bo Zhang, a Chinese computer program, was a contract employee assigned to the Federal Reserve Bank of New York (FRBNY), between May 2011 and August 11, 2011, to work on further developing a specific portion of the Government Wide Accounting program (GWA) source code (FBI, 2012). Mr. Zhang was not a United States citizen and was here on a VISA. The United States had spent approximately $9.5 million to develop the GWA code. The FRBNY was given the task of moving the Government Wide Accounting program, developed to help ...view middle of the document...
This included ledger accounting for each appropriation, fund, and receipt within the Department of Treasury. Bo Zhang used the access to forge documents to give Chinese immigration VISA to the U.S. Stealing proprietary government software worth nearly $10 million using little more than a mouse had government officials and investigator worried they were vulnerable to cyber attacks. This concern was accelerated when Bo Zhang was arrested in 2012 which was five month after his employment date because they did not know for sure who else had the GWA code and could access the system. If attacked there were direct concerns accounting information could be altered or malicious virus could launched wiping ok critical data. FBI investigators questioned Zhang on August 11, Zhang admitted taking the code "for private use and in order to ensure that it was available to him in the event that he lost his job," the complaint said (FBI, 2012). Zhang’s thievery put the U.S. government at risk and made them vulnerable to outside attack. If executed correctly this could have caused the Federal Reserve Bank to lock done daily activity which would have affect U.S. business and individuals. “Zhang, 32, of Queens, New York, pled guilty to one count of theft of government property and one count of immigration fraud. He faces a maximum term of 20 years in prison (FBI, 2012).” Zhang will be sentenced by United States District Judge Paul G. Gardephe on October 1, 2012 at 10:00 a.m. for 18 months in prison, $30,000 in fines, and was subject to deportation after his time was severed (FBI, 2012).
Fraud Classification of the Case
This case is an example of data leakage. Data leakage is unauthorized copying of company data (Romney/Steinbart, 2012). Data leakage has many different formats. The formats include printed, digital media, data in motion, data at rest and data at endpoints (IRS, 2012). This case is data at the endpoint. “Data at the endpoints refers to endpoints of a network where the data is being used. Since this is where most FTI data is accessible, this type of digital media form warrants the greatest concern for potential data leakage. Employees or contractors could copy restricted data onto a mobile media device, physically remove it from the agency’s facility or print and distribute it without knowledge of the violation. Consequently, FTI data that is on a PC could be copied to back-up storage located at a contractor’s off-site facility as a component of an agency’s automated back-up procedures (IRS, 2012). Mr. Zhang data leakage was in the format of data at the endpoints where he copied the GWA software onto the government’s external hard drive then from there to a private company computer and to his home computers. He then used the GWA software on unmonitored systems to commit the immigration fraud.
Types of Controls in Place
The Government did have user access controls as that is Mr. Zhang copied the GWA code and software to...