National Security is Everyone's Business

March 25, 2023 | 10:19 PM ET

Trade Secret Theft Trends: A Closer Look at the Perpetrators

September 25th, 2016 by Sarah Morningstar, | 0 Comments

American businesses lose an estimated $160 billion to $480 billion annually due to trade secret misappropriation. To combat this loss, over the past few years the law enforcement community has enhanced its strategies, Congress has passed legislation to expand trade secret protection, and many businesses have made sweeping changes to their security procedures. To further aid businesses in their efforts to protect their most valuable secrets, my assessment identifies offender trends by analyzing 22 trade secret theft criminal cases decided between 2010-2016.

Most of the trade secret offenders reviewed were middle-aged Chinese males with advanced degrees in engineering, working in the manufacturing industry.

The fact that most of the offenders were Chinese is not surprising because China is the leading threat when it comes to the theft of intellectual assets, including inventions, patents, and R&D secrets, according to the Federal Bureau of Investigation.

Seventy-three percent of the offenders were Chinese or of Chinese heritage, 82 percent were middle-aged males (average age 49), and 55 percent had advanced degrees in the engineering field.
Fifty-five percent of the perpetrators were current employees, 27 percent were former employees, and the remainder were conducted by contractors, vendors, or hackers attacking remotely. Additionally, 59 percent of the offenders acted alone. Current employees have an advantage in stealing trade secrets, because they are knowledgeable about the company’s security practices and vulnerabilities, and can bypass barriers designed to protect against theft of trade secrets.
Seventy-three percent of the victim companies were in the manufacturing industry. Furthermore, 91 percent of the victim companies had more than 1,000 employees, suggesting larger companies are more frequently targeted.

Among the cases reviewed, most of the trade secret offenders acted alone and were seeking financial gain, often by selling these secrets to Chinese companies or by using them to seek profits for their own competing companies.

The amount the offenders were paid for the trade secrets varied, but on the high side, Walter Liew was paid $28 million from 2006 to 2011 for contracts to design a titanium dioxide plant for Pangang Titanium Industry Co. in China. Liew recruited sources from DuPont to acquire the trade secrets.

Nearly all of the cases (95 percent) involved subjects seeking financial gain from the sale of the trade secrets, and 68 percent of the theft was conducted to benefit another company in China. For example, in 2010, Yu Xiang Dong, an engineer with Ford Motor Co., pleaded guilty for stealing trade secrets, including copying some 4,000 Ford documents to an external hard drive and taking them to his new prospective employer in China.
In another case, Chunlai Yang, who worked for 11 years with CME Group, pleaded guilty in 2012 to trade secret theft, admitting he was trying to create a similar product for a software company he planned to create in China when he illegally downloaded more than 10,000 computer source code files.

In improving their security procedures, U..S companies—particularly large manufacturing companies—should consider enhancing their trade secret access controls, conducting periodic employee reinvestigations, and reviewing their termination procedures.

One of the challenges prosecutors faced in the cases reviewed was demonstrating that the information stolen was protected, classified, or marked in some way to ensure the user knew they were handling confidential company information, suggesting companies should do more in this area.

Trade secrets and related information should never be a file that an employee can easily access and download. In the 22 cases reviewed, 45 percent of the theft was conducted by current employees saving the information to a USB drive, laptop, or sending it as an email attachment; another 27 percent occurred by simply copying or taking documents outside of the office.
Periodic reinvestigations of employees with access to trade secret information should be common practice. These investigations should look into the employee’s travel, finances (particularly unexplained affluence), and any private business ventures, among other areas of inquiry. Fifty-five percent of the offenders traveled to or had plans to travel to China prior to their arrest.
One termination procedure that Carnegie Mellon’s Software Engineering Institute recommends is for companies to systematically review the employee’s access and online actions during the 30 days prior to termination. This would have been useful in the case of Suibin Zhang. The day after Zhang accepted a position at a competing company, he used his work account to download and steal trade secret information from an affiliate of his employer, Netgear, Inc.

Tagged with:Cybersecurity insider threat

Featured Piece

Warning Signs of a More Dangerous Global Conflict

BOTTOM LINE UP FRONT — If President Joe Biden’s recent remarks in Poland and President Vladimir Putin’s in Moscow just a day later are any indication of the path forward, the February 24 anniversary of the Russian invasion of Ukraine may represent the beginning of a new and potentially much more dangerous phase of the conflict, which is increasingly looking like a conflict between NATO and the Russian Federation.

FEB 22, 2023, BY ROB DANNENBERG

What the Experts Say

The Cipher Brief’s Open Source Report is an extraordinary product and an important daily read for situational awareness on national security issues.

General John R. Allen (Ret.) Former Commander of the NATO International Security Assistance Force in Afghanistan

I’m proud to be part of the network of experts at The Cipher Brief, which provides superb geopolitical advice and intelligence insights.

Admiral James Stavridis Former Supreme Allied Commander, NATO

The in-depth analysis The Cipher Brief provides, on all issues affecting our national security, written by some of the most senior and knowledgeable public and private sector experts, is truly unique and invaluable. It’s a must read for anyone interested in world affairs.

Ambassador Joseph R. Detrani Former Director, National Counter Proliferation Center

Congratulations to The Cipher Brief for actively promoting a national conversation – through conferences, analysis, and webinars at the highest level – on our country’s national security, intelligence capabilities, and challenges in confronting adversaries and competitors alike.

Emile Nakhleh Former Member, CIA's Senior Intelligence Service

The Cipher Brief has become required reading for national security decision-makers and practitioners. You can be certain that Cipher Brief articles are substantive in content and provide thoughtful analysis from expert professionals.

John Sipher Former Member, CIA's Senior Intelligence Service

The Cipher Brief is far from just another website pontificating about the subjects of the day without any credibility. With The Cipher Brief, you can always be sure that the authors actually know what they are writing about.

Kevin Hulbert Former CIA Chief Of Station

The Cipher Daily Brief

Sign up for the Free Newsletter

Get a daily rundown of the top security stories delivered to your inbox Monday through Friday with exclusive briefs and columns on what matters most to you and your organization.

Trade Secret Theft Trends: A Closer Look at the Perpetrators

Leave a Reply

The New Breathtaking ‘Red London’

The Cipher Daily Brief

Search