Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

11/21/2010
08:38 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Chinese National Pleads Guilty To Stealing Ford Trade Secrets

Former Ford employee faces a sentence of between 63-78 months’ imprisonment

Former Ford employee Xiang Dong Yu, aka Mike Yu, 49, of Beijing, China, pleaded guilty today in federal court to two counts of theft of trade secrets, announced Barbara L. McQuade, United States Attorney for the Eastern District of Michigan. McQuade was joined in the announcement by Andrew G. Arena, Special Agent in Charge of the FBI.

According to the plea agreement in this case, Yu was a product engineer for the Ford Motor Company from 1997 to 2007 and had access to Ford trade secrets, including Ford design documents. In December 2006, Yu accepted a job at the China branch of a U.S. company. On the eve of his departure from Ford and before he told Ford of his new job, Yu copied some 4,000 Ford documents onto an external hard drive, including sensitive Ford design documents. Included in those documents were system design specifications for the engine/transmission mounting subsystem, electrical distribution system, electric power supply, electrical subsystem and generic body module, among others. Ford spent millions of dollars and decades on research, development, and testing to develop and continuously improve the design specifications set forth in these documents. The majority of the design documents copied by the defendant did not relate to his work at Ford. On December 20, 2006, the defendant traveled to the location of his new employer in Shenzhen, China, taking the Ford trade secrets with him. On January 2, 2007, Yu e-mailed his Ford supervisor from China and informed him that he was leaving Ford’s employ.

The plea agreement further states that in November 2008, the defendant began working for Beijing Automotive Company, a direct competitor of Ford. On October 19, 2009, the defendant returned to the United States, flying into Chicago from China. Upon his arrival, the defendant was arrested on a warrant issued upon the indictment in this case. At that time, the defendant had in his possession his Beijing Automotive Company laptop computer. Upon examination of that computer, the FBI discovered that 41 Ford system design specifications documents had been copied to the defendant’s Beijing Automotive Company work computer. The FBI also discovered that each of those design documents had been accessed by the defendant during the time of his employment with Beijing Automotive Company.

Under the plea agreement, Yu faces a sentence of between 63-78 months’ imprisonment based on an agreed loss amount of more than $50 million and less than $100 million and a fine of up to $150,000. The agreement also provides that Yu will be deported from the United States after completing any term of incarceration.

"We will vigilantly protect the intellectual property of our U.S. automakers, who invest millions of dollars and decades of time in research and development to compete in a global economy," McQuade said. "Those who do not play by the rules will be brought to justice."

Special Agent Arena stated, “Michigan, as well as the rest of the United States, is significantly impacted by the auto industry. Theft of trade secrets is a threat to national security and investigating allegations involving theft of trade secrets is a priority for the FBI. The FBI will continue to aggressively pursue these cases.”

Yu remains in federal custody and is scheduled to be sentenced on February 23, 2011 at 10:00 a.m.

The investigation of this case had been conducted by the Federal Bureau of Investigation. This case is being prosecuted by Assistant U.S. Attorney Cathleen Corken.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
More SolarWinds Attack Details Emerge
Kelly Jackson Higgins, Executive Editor at Dark Reading,  1/12/2021
Vulnerability Management Has a Data Problem
Tal Morgenstern, Co-Founder & Chief Product Officer, Vulcan Cyber,  1/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7343
PUBLISHED: 2021-01-18
Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product updates by manipulating a directory used by MA for temporary files. The product would continue to function with out-of-date detection files.
CVE-2020-28476
PUBLISHED: 2021-01-18
All versions of package tornado are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configura...
CVE-2020-28473
PUBLISHED: 2021-01-18
The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with defa...
CVE-2021-25173
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows attackers to cause a crash, potentially enabling denial of service (crash, exit, or restart).
CVE-2021-25174
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory corruption vulnerability exists when reading malformed DGN files. It can allow attackers to cause a crash, potentially enabling denial of service (Crash, Exit, or Restart).