Threat Intelligence Blog

Posted February 8, 2013

trade-secretShanshan Du, an ex-employee of automaker General Motors and her husband, Yu Qin, were convicted this past December of stealing trade secrets from the automaker and soliciting Chinese businesses to invest in their own company. According to the prosecution at their trial, Du positioned herself to work in GM’s hybrid-car division as an electrical engineer, a position she held for several years. After being offered a severance package due to poor performance, Du stole information about the hybrid’s motor controls and fed the stolen data to Qin, who was also an electrical engineer at a car part manufacturer. Armed with the stolen data, Qin solicited business ventures to sell the data to Chinese car companies and attempted to leverage the information to gain employment and investments.

The two were caught when Qin’s employer became suspicious that he was running a business that was in direct competition to their company and started to investigate his work area. Upon investigating some portable hard-drives, files believed to be the property of GM were identified. Qin’s employer notified GM who in turn notified the Federal Bureau of Investigation, which opened an investigation into the two.Estimates given by GM placed the value of the information stolen by Du at near $40 million dollars. Both Du and Qin faced one count of conspiracy to possess trade secrets without authorization and two counts of unauthorized possession of trade secrets, as well as three counts of wire fraud. Following a trial, Du would be acquitted of the wire fraud charges but convicted of the three trade secret counts. Qin would be found guilty on all six counts as well as an obstruction of justice charge. The two will be sentenced this month but face 10 years for each count.Given the tendency of data to “spill” sooner or later from an enterprise, organizations must tackle the issue with the short and long term in mind. Monitoring the Internet for leaked documents is not an option today. Cyveillance helps large enterprises protect themselves from data leakage and intellectual property theft, so reach out to us if you’d like assistance at your organization. We also strongly recommend raising counterintelligence awareness locally by hanging posters like the one above, made available for free by the US Office of the National Counterintelligence Executive provides free posters. Make information protection a priority in 2013!


Additional Posts

Mapping a Malware Campaign Targeting Russia

A recent malware campaign has caught the eye of researchers for what appears to be a focused attack ...

The Right to Bear Low Orbit Ion Cannons

DDoS Attacks as Constitutional Problem: Germany's Experience A distributed denial of service (DDoS) ...