Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Threat Intelligence

2/14/2019
04:15 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

One American, One Chinese National Indicted for Conspiracy to Commit Theft of Trade Secrets and Wire Fraud

A grand jury sitting in Greeneville, Tennessee has returned an indictment against Xiaorong You, a/k/a Shannon You, 56, of Lansing, Michigan, and Liu Xiangchen, 61, of Shandong Province, China for conspiracy to steal trade secrets related to formulations for bisphenol-A-free (BPA-free) coatings.  You was also indicted on seven counts of theft of trade secrets and one count of wire fraud.

Assistant Attorney General National Security John C. Demers, U.S. Attorney J. Douglas Overbey of the Eastern District of Tennessee, FBI Executive Assistant Director for the National Security Branch Jay Tabb, and Special Agent in Charge Troy Sowers of the FBI’s Knoxville Field Office made the announcement.

“The conduct alleged in today’s indictment exemplifies the rob, replicate and replace approach to technological development,” said Assistant Attorney General Demers.  “Xiaorong You is accused of an egregious, premediated theft and transfer of trade secrets worth more than $100 million for the purpose of setting up a Chinese company that would compete with the American companies from which the trade secrets were stolen.  Unfortunately, China continues to use its national programs, like the ‘Thousand Talents,’ to solicit and reward the theft of our nation’s trade secrets and intellectual property, but the Justice Department will continue to prioritize investigations like these, to ensure that China understands that this criminal conduct is not an acceptable business or economic development practice.” 

“Our office is committed to working closely with our federal, state and local partners to identify and prosecute those who engage in illegal and deceptive practices to steal trade secret and protected information from companies who spend millions of dollars to develop it,” said U.S. Attorney Overbey.  “Not only can theft of this information be potentially devastating to our American companies, it could also pose a threat to our overall national and economic security.”

“The facts laid out in this indictment show the conspirators engaged in blatant criminal activity,” said Executive Assistant Director Tabb.  “They didn't stop at going after technical secrets belonging to just one company.  They allegedly targeted multiple companies and made off with trade secrets at an estimated value of almost 120 million dollars.  As this case demonstrates, the FBI is determined to do everything possible to bring to justice those who try to steal secrets belonging to American companies.”

The BPA-free trade secrets allegedly stolen by these individuals belonged to multiple owners and cost an estimated total of at least $119,600,000 to develop.  Until recently, bisphenol-A (BPA) was used to coat the inside of cans and other food and beverage containers to help minimize flavor loss, and prevent the container from corroding or reacting with the food or beverage contained therein.  However, due to the discovered potential harmful effects of BPA, companies began searching for BPA-free alternatives. These alternatives are difficult and expensive to develop.

From December 2012 through Aug. 31, 2017, You was employed as Principal Engineer for Global Research by a company in Atlanta, which had agreements with numerous companies to conduct research and development, testing, analysis and review of various BPA-free technologies.  Due to her extensive education and experience with BPA and BPA-free coating technologies, she was one of a limited number of employees with access to trade secrets belonging to the various owners.  From approximately September 2017 through June 2018, You was employed as a packaging application development manager for a company in Kingsport, Tennessee, where she was one of a limited number of employees with access to trade secrets belonging to that company.

Details of the conspiracy are included in the indictment on file with the U.S. District Court.  The indictment alleges that You, Liu, and a third co-conspirator formulated a plan in which You would exploit her employment with the two American employers to steal trade secrets and provide the information for the economic benefit of trade secrets the Chinese company that Liu managed, which would manufacture and profit from products developed using the stolen trade secrets.  In exchange, Liu would cause the Chinese company to reward You for her theft, by helping her receive the Thousand Talent and another financial award, based on the trade secrets she stole, and by giving You an ownership share of a new company that would “own” the stolen trade secrets in China.  The conspirators also agreed to compete with U.S. and foreign companies, including some of the owners of the stolen stolen trade secrets, in China and elsewhere, by selling products designed, developed and manufactured using the stolen trade secrets.

The charges contained in this indictment are merely allegations, and the defendants are presumed innocent unless and until proven guilty beyond a reasonable doubt in a court of law. 

The case is being investigated by the FBI’s Knoxville Field Office.

The government’s case is being prosecuted by the Eastern District of Tennessee and the National Security Division’s Counterintelligence and Export Control Section.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
The Problem with Proprietary Testing: NSS Labs vs. CrowdStrike
Brian Monkman, Executive Director at NetSecOPEN,  7/19/2019
How Attackers Infiltrate the Supply Chain & What to Do About It
Shay Nahari, Head of Red-Team Services at CyberArk,  7/16/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-10102
PUBLISHED: 2019-07-22
The Linux Foundation ONOS 1.15.0 and ealier is affected by: Improper Input Validation. The impact is: The attacker can remotely execute any commands by sending malicious http request to the controller. The component is: Method runJavaCompiler in YangLiveCompilerManager.java. The attack vector is: ne...
CVE-2019-10102
PUBLISHED: 2019-07-22
Frog CMS 1.1 is affected by: Cross Site Scripting (XSS). The impact is: Cookie stealing, Alert pop-up on page, Redirecting to another phishing site, Executing browser exploits. The component is: Snippets.
CVE-2019-10102
PUBLISHED: 2019-07-22
Ilias 5.3 before 5.3.12; 5.2 before 5.2.21 is affected by: Cross Site Scripting (XSS) - CWE-79 Type 2: Stored XSS (or Persistent). The impact is: Execute code in the victim's browser. The component is: Assessment / TestQuestionPool. The attack vector is: Cloze Test Text gap (attacker) / Corrections ...
CVE-2019-9959
PUBLISHED: 2019-07-22
The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo.
CVE-2019-4236
PUBLISHED: 2019-07-22
A IBM Spectrum Protect 7.l client backup or archive operation running for an HP-UX VxFS object is silently skipping Access Control List (ACL) entries from backup or archive if there are more than twelve ACL entries associated with the object in total. As a result, it could allow a local attacker to ...