Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

10/16/2009
03:36 PM
Connect Directly
Google+
Twitter
RSS
E-Mail
50%
50%

Ex-Ford Engineer Indicted For Allegedly Stealing Company Secrets

Xiang Dong Yu allegedly copied 4,000 sensitive Ford documents onto a USB drive before leaving the company

Yet another major corporation may have been the victim of one of its own stealing trade secrets: A former Ford Motor engineer has been indicted for allegedly stealing thousands of sensitive documents from the company and copying them onto a USB drive before taking a job with another auto company.

Xiang Dong Yu, who also goes by Mike Yu, was arrested Wednesday at Chicago's O'Hare Airport after returning from a trip to China, according to published reports. Yu, 47, is charged in an indictment with theft, attempted theft of trade secrets, and unauthorized access to a computer and faces up to 10 years in prison. He currently works for an unnamed competitor to Ford in China.

Yu allegedly copied 4,000 documents that contained Ford design information, including engine and transmission mounting subsystems, electrical distribution systems, doors, mirrors, steering-wheel assemblies, power systems, and wipers. The indictment says he allegedly stole most of the information in December 2006, just before he resigned from his engineering job at Ford to take a position at a company in China. In spring 2008, he allegedly used some of the stolen Ford information while job-hunting in China.

"Employees and employers should be aware that stealing proprietary trade secrets to gain an economic advantage is a serious federal offense that will be prosecuted aggressively," U.S. Attorney Terrence Berg said in a statement.

Employees siphoning their employers' corporate trade secrets onto a USB drive for profit or leverage in another job is nothing new -- similar insider theft incidents occurred at duPont and Intel.

"This problem isn't isolated to Ford," says Brian Cleary, vice president of products and marketing at Aveksa. "There have been other very similar situations where people with a bona fide reason to access this information chose to misuse that access for fraud purposes...The challenge to organizations is understanding where they are introducing access-related business risks."

Cleary says the keys to protecting yourself from a rogue privileged user is ensuring that no one has access to anything they don't need for their job, monitoring their access patterns and activities, revoking privileges users aren't using, and deploying real-time access monitoring for users with access to highly sensitive data.

And while the options for securing USB access were a bit slimmer during Yu's alleged activities three years ago, locking down USB drives is crucial, notes Ben Goodman, principal technical specialist for compliance at Novell. "Having an engineering workstation with access to intellectual property that [would have] let him use CD-Rs or USBs is almost neglect [today], " Goodman says. "There are so many tools out there to help you lock down USB drives."

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Kelly Jackson Higgins is Executive Editor at DarkReading.com. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
Windows 10 Migration: Getting It Right
Kevin Alexandra, Principal Solutions Engineer at BeyondTrust,  5/15/2019
Baltimore Ransomware Attack Takes Strange Twist
Kelly Jackson Higgins, Executive Editor at Dark Reading,  5/14/2019
When Older Windows Systems Won't Die
Kelly Sheridan, Staff Editor, Dark Reading,  5/17/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-12184
PUBLISHED: 2019-05-19
There is XSS in browser/components/MarkdownPreview.js in BoostIO Boostnote 0.11.15 via a label named flowchart, sequence, gallery, or chart, as demonstrated by a crafted SRC attribute of an IFRAME element, a different vulnerability than CVE-2019-12136.
CVE-2019-12173
PUBLISHED: 2019-05-18
MacDown 0.7.1 (870) allows remote code execution via a file:\\\ URI, with a .app pathname, in the HREF attribute of an A element. This is different from CVE-2019-12138.
CVE-2019-12172
PUBLISHED: 2019-05-17
Typora 0.9.9.21.1 (1913) allows arbitrary code execution via a modified file: URL syntax in the HREF attribute of an AREA element, as demonstrated by file:\\\ on macOS or Linux, or file://C| on Windows. This is different from CVE-2019-12137.
CVE-2019-12168
PUBLISHED: 2019-05-17
Four-Faith Wireless Mobile Router F3x24 v1.0 devices allow remote code execution via the Command Shell (aka Administration > Commands) screen.
CVE-2019-12170
PUBLISHED: 2019-05-17
ATutor through 2.2.4 is vulnerable to arbitrary file uploads via the mods/_core/backups/upload.php (aka backup) component. This may result in remote command execution. An attacker can use the instructor account to fully compromise the system using a crafted backup ZIP archive. This will allow for PH...