Trade Secret Theft Trends: A Closer Look at the Perpetrators

| Sarah Morningstar
Sarah Morningstar
Senior Advisor, Threat Pattern

American businesses lose an estimated $160 billion to $480 billion annually due to trade secret misappropriation. To combat this loss, over the past few years the law enforcement community has enhanced its strategies, Congress has passed legislation to expand trade secret protection, and many businesses have made sweeping changes to their security procedures. To further aid businesses in their efforts to protect their most valuable secrets, my assessment identifies offender trends by analyzing 22 trade secret theft criminal cases decided between 2010-2016.

Most of the trade secret offenders reviewed were middle-aged Chinese males with advanced degrees in engineering, working in the manufacturing industry.

The fact that most of the offenders were Chinese is not surprising because China is the leading threat when it comes to the theft of intellectual assets, including inventions, patents, and R&D secrets, according to the Federal Bureau of Investigation.

  • Seventy-three percent of the offenders were Chinese or of Chinese heritage, 82 percent were middle-aged males (average age 49), and 55 percent had advanced degrees in the engineering field.
  • Fifty-five percent of the perpetrators were current employees, 27 percent were former employees, and the remainder were conducted by contractors, vendors, or hackers attacking remotely. Additionally, 59 percent of the offenders acted alone. Current employees have an advantage in stealing trade secrets, because they are knowledgeable about the company’s security practices and vulnerabilities, and can bypass barriers designed to protect against theft of trade secrets.
  • Seventy-three percent of the victim companies were in the manufacturing industry. Furthermore, 91 percent of the victim companies had more than 1,000 employees, suggesting larger companies are more frequently targeted.

Among the cases reviewed, most of the trade secret offenders acted alone and were seeking financial gain, often by selling these secrets to Chinese companies or by using them to seek profits for their own competing companies.

The amount the offenders were paid for the trade secrets varied, but on the high side, Walter Liew was paid $28 million from 2006 to 2011 for contracts to design a titanium dioxide plant for Pangang Titanium Industry Co. in China. Liew recruited sources from DuPont to acquire the trade secrets.

  • Nearly all of the cases (95 percent) involved subjects seeking financial gain from the sale of the trade secrets, and 68 percent of the theft was conducted to benefit another company in China. For example, in 2010, Yu Xiang Dong, an engineer with Ford Motor Co., pleaded guilty for stealing trade secrets, including copying some 4,000 Ford documents to an external hard drive and taking them to his new prospective employer in China.
  • In another case, Chunlai Yang, who worked for 11 years with CME Group, pleaded guilty in 2012 to trade secret theft, admitting he was trying to create a similar product for a software company he planned to create in China when he illegally downloaded more than 10,000 computer source code files.

In improving their security procedures, U..S companies—particularly large manufacturing companies—should consider enhancing their trade secret access controls, conducting periodic employee reinvestigations, and reviewing their termination procedures.

One of the challenges prosecutors faced in the cases reviewed was demonstrating that the information stolen was protected, classified, or marked in some way to ensure the user knew they were handling confidential company information, suggesting companies should do more in this area.

  • Trade secrets and related information should never be a file that an employee can easily access and download. In the 22 cases reviewed, 45 percent of the theft was conducted by current employees saving the information to a USB drive, laptop, or sending it as an email attachment; another 27 percent occurred by simply copying or taking documents outside of the office.
  • Periodic reinvestigations of employees with access to trade secret information should be common practice. These investigations should look into the employee’s travel, finances (particularly unexplained affluence), and any private business ventures, among other areas of inquiry. Fifty-five percent of the offenders traveled to or had plans to travel to China prior to their arrest.
  • One termination procedure that Carnegie Mellon’s Software Engineering Institute recommends is for companies to systematically review the employee’s access and online actions during the 30 days prior to termination. This would have been useful in the case of Suibin Zhang. The day after Zhang accepted a position at a competing company, he used his work account to download and steal trade secret information from an affiliate of his employer, Netgear, Inc.

The Author is Sarah Morningstar

Sarah Morningstar is a senior advisor at Threat Pattern, an intelligence and security company that assists corporations and high-net-worth individuals in countering internal and external threats. Previously, she served as an analyst and manager in CIA's Directorate of Intelligence where she authored a wide range of products—including for the President's Daily Brief. While at the CIA, she was also a counterintelligence analyst focused on techniques for validating sources;... Read More

Learn more about The Cipher Brief's Network here.

CLICK TO ADD YOUR POINT OF VIEW

Share your point of view

Your comment will be posted pending moderator approval. No ad hominem attacks will be posted. Your email address will not be published. Required fields are marked *