Risk
5/14/2009
05:34 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

U.S. Defense Department Official Charged With Espionage

A civilian employee at the Pentagon has been charged with conspiring to provide classified information to an agent with ties to the People's Republic of China.

In an expansion of an espionage investigation disclosed last year, a Defense Department official has been charged with conspiring to provide classified information to an agent with ties to the People's Republic of China (PRC).

The accused, James Wilbur Fondren Jr., 62, was a civilian employee at the Pentagon and the deputy director of the Washington Liaison Office of the U.S. Pacific Command. He retired from active duty in the U.S. Air Force as a lieutenant colonel in 1996. He has been on administrative leave since February 2008, when the Justice Department announced the arrests of several individuals for stealing military aerospace secrets and sending them to China.

One of the individuals arrested last year was Tai Shen Kuo, a furniture businessman and a naturalized U.S. citizen. Another was former Defense Department employee Gregg William Bergersen.

In March 2008, Bergersen pleaded guilty to conspiring to provide U.S. defense information to China and was later sentenced to almost five years in prison.

In May 2008, Kuo pleaded guilty to similar charges. He subsequently was sentenced to more than 15 years in prison. Kuo was a close associate of Fondren's and was a guest at Fondren's house at the time of his arrest. Fondren allegedly believed Kuo to have ties with officials in Taiwan rather than with the PRC.

The FBI affidavit in Kuo's case describes a sweeping surveillance operation directed at Kuo. In addition to physical surveillance, the FBI monitored his e-mail accounts at Bellsouth.net, Gmail, and Hotmail, as well as his telephone communications. The agency also covertly copied the hard drive on Kuo's laptop and placed audiovisual surveillance equipment in a car Kuo rented.

The FBI affidavit filed as part of the case against Fondren suggests that the agency's eavesdropping operation helped incriminate Fondren as well as Kuo. It includes transcripts of several conversations between Fondren and Kuo about the transfer of classified information that allegedly occurred in Fondren's Annandale, Va., home.

Dana J. Boente, acting U.S. attorney for the Eastern District of Virginia, called the allegations in the Fondren case "troubling" and said, "The U.S. government places considerable trust in those given access to classified information, and we are committed to prosecuting those who abuse that trust."

Rick Howard, director of security intelligence at VeriSign iDefense, said that this kind of espionage goes on all the time. "All governments have espionage operations where they're trying to turn people to give them inside information," he said.

It's noteworthy, he said, that this isn't cyberespionage. "It's traditional spy-vs.-spy stuff," he said.

Howard said that while every organization that deals with sensitive information has procedures to protect that information, "it's not too hard to defeat those things if you're determined."

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-1449
Published: 2014-12-25
The Maxthon Cloud Browser application before 4.1.6.2000 for Android allows remote attackers to spoof the address bar via crafted JavaScript code that uses the history API.

CVE-2014-2217
Published: 2014-12-25
Absolute path traversal vulnerability in the RadAsyncUpload control in the RadControls in Telerik UI for ASP.NET AJAX before Q3 2012 SP2 allows remote attackers to write to arbitrary files, and consequently execute arbitrary code, via a full pathname in the UploadID metadata value.

CVE-2014-3971
Published: 2014-12-25
The CmdAuthenticate::_authenticateX509 function in db/commands/authentication_commands.cpp in mongod in MongoDB 2.6.x before 2.6.2 allows remote attackers to cause a denial of service (daemon crash) by attempting authentication with an invalid X.509 client certificate.

CVE-2014-7193
Published: 2014-12-25
The Crumb plugin before 3.0.0 for Node.js does not properly restrict token access in situations where a hapi route handler has CORS enabled, which allows remote attackers to obtain sensitive information, and potentially obtain the ability to spoof requests to non-CORS routes, via a crafted web site ...

CVE-2014-7300
Published: 2014-12-25
GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to execute arbitrary commands on an unattended workstation by making many PrtSc requests and leveraging a ...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.