Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Does Your Company Classify,Protect, and Track Its Data?

leave a comment »

Ex-Ford employee held in data theft

Engineer charged with copying proprietary documents and trying to sell them in China

Bryce G. Hoffman / The Detroit News

The Justice Department charged a former Ford Motor Co. engineer with stealing company secrets and trying to peddle them to Chinese competitors.

Chinese-born Xiang Dong Yu — also known as Mike Yu — was arrested Wednesday at Chicago’s O’Hare International Airport when he tried to re-enter the country from China. The 47-year-old is charged with five counts of theft of trade secrets, attempted theft of trade secrets and unauthorized access to a protected computer.

According to a federal indictment unsealed Wednesday, Yu was a product engineer for Ford from 1997 to 2007 and had access to Ford trade secrets. Law enforcement officials say that, just prior to leaving the Dearborn automaker, Yu copied thousands of confidential documents, including what they described as “sensitive Ford design documents” and “system design specification documents.”

Full Story Here:

Ya know, is it me, or are we seeing more cases of industrial espionage from China lately? Hmmm, guess it’s just my imagination… NOT. So, this begs a question;

“Just how many more cases have there been that just never got caught on to?”

Now, I assume that Ford caught on to his espionage by either one of two scenarios;

  • Yu was sloppy and someone in his group of workmates saw or felt that he was taking large amounts of data or acting strangely
  • Yu was caught with auditing from the file servers that he was accessing the data from
  • Now, I would love to think that they had auditing measures in place and caught on to his taking of mass quantities of data by copying them to an external drive… But… Well, given what I have seen in many companies, this just isn’t as likely a scenario as one might suspect.

    So, ask yourself this question.. Just how many companies out there that make important machines, or hold important data actually are performing the “due diligence” to protect their own IP from being stolen and placed in the hands of the likes of China?

    My last post has insight into the collective mindset at many corporations. security has always been the first budget to be cut in bad times and even today, with all the threats in the environment, still the corps cut off their nose despite their face.

    Now take this idea and apply it to the government. A place where turf wars are preventing proper securing of the space and laws are weak…

    Good god we are screwed…

    No wonder all of the “Cyber Tsars” keep quitting eh?

    Just sayin…

    Anyway, one has to wonder just how much of our data is in the Chinese hands by the likes of Mr. Yu and others like him… Perhaps we will never know because companies are just not able to, or willing to implement the right proactive remediations to stop them if not just track their data leaving their domains…

    ** EDIT ** Well in looking through some Google searches it seems that they caught Yu getting OFF the plane from Mainland China.. So.. OOPSIES, I guess Ford was not too proactive were they… Damage done.

    Leave a Reply

    Fill in your details below or click an icon to log in:

    WordPress.com Logo

    You are commenting using your WordPress.com account. Log Out / Change )

    Twitter picture

    You are commenting using your Twitter account. Log Out / Change )

    Facebook photo

    You are commenting using your Facebook account. Log Out / Change )

    Google+ photo

    You are commenting using your Google+ account. Log Out / Change )

    Connecting to %s

    %d bloggers like this: