Attacks/Breaches
4/3/2008
03:58 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Random Search Stops $600 Million In Trade Secrets Bound For China

The feds have indicated a software engineer who was flying to China with confidential technical documents, a thumb drive, four external hard drives, 29 recordable compact discs, and a videotape.

A former software engineer for a telecommunications company based near Chicago was indicted for allegedly stealing trade secrets worth an estimated $600 million and trying to take the documents to China.

The FBI said Wednesday that Hanjuan Jin of Schaumburg, Ill., a naturalized U.S. citizen who was born in China, was stopped at Chicago's O'Hare International Airport on Feb. 28, 2007, in a random search.

According to an affidavit filed by FBI special agent Michael R. Diekmann, Jin was traveling on a one-way ticket to Beijing at the time. She declared that she had $10,000 in U.S. currency in her carry-on luggage. Customs and Border Protection officers found about $30,000 in cash.

According to Diekmann, this prompted officers to further inspect Jin's luggage, whereupon they found several technical documents labeled "[Company A] Confidential Property," Chinese documents, a European company's product catalog of military technology written in English, a personal laptop computer, a thumb drive, four external hard drives, 29 recordable compact discs, and one videotape.

A search of the thumb drive and hard drives, conducted with Jin's consent, revealed numerous documents marked "[Company A] Confidential Property." Initially, Jin told customs officers she worked for Company A. In a subsequent interview with law enforcement agents, Jin said she was on medical leave from Company A. She later said she worked for Company A and Company B at the same time. Company B is a Chicago-area company that competes with Company A.

Diekmann's affidavit and the indictment do not name either Company A or Company B.

Schaumburg-based Motorola is one of several telecommunications companies that Jin might have worked for. Asked to confirm or deny whether Jin had ever worked for Motorola, company spokeswoman Paula Thornton said in an e-mail," We are not able to do so, as Motorola does not comment on questions associated with pending prosecutions or ongoing governmental investigations."

Nortel also maintains an office in Schaumburg. A Dallas-based spokeswoman for the company said she'd never heard the name Hanjuan Jin.

Another possibility might be American Telecommunications Corp. When called, the person answering the phone declined to make a media contact available and hung up.

Jin was released, though customs agents retained the documents marked confidential and her computer equipment. She was again stopped at O'Hare on March 1, 2007, while traveling on another one-way ticket to Beijing.

Following a subsequent search of her home, Jin was arrested on March 7 based on a criminal complaint brought by Patrick J. Fitzgerald, the U.S. attorney for the Northern District of Illinois. She was released on $50,000 bond.

If Jin is convicted, each of the three counts against her carries a maximum penalty of 10 years in prison and a $250,000 fine.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.