Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Threat Intelligence

2/14/2019
04:15 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

One American, One Chinese National Indicted for Conspiracy to Commit Theft of Trade Secrets and Wire Fraud

A grand jury sitting in Greeneville, Tennessee has returned an indictment against Xiaorong You, a/k/a Shannon You, 56, of Lansing, Michigan, and Liu Xiangchen, 61, of Shandong Province, China for conspiracy to steal trade secrets related to formulations for bisphenol-A-free (BPA-free) coatings.  You was also indicted on seven counts of theft of trade secrets and one count of wire fraud.

Assistant Attorney General National Security John C. Demers, U.S. Attorney J. Douglas Overbey of the Eastern District of Tennessee, FBI Executive Assistant Director for the National Security Branch Jay Tabb, and Special Agent in Charge Troy Sowers of the FBI’s Knoxville Field Office made the announcement.

“The conduct alleged in today’s indictment exemplifies the rob, replicate and replace approach to technological development,” said Assistant Attorney General Demers.  “Xiaorong You is accused of an egregious, premediated theft and transfer of trade secrets worth more than $100 million for the purpose of setting up a Chinese company that would compete with the American companies from which the trade secrets were stolen.  Unfortunately, China continues to use its national programs, like the ‘Thousand Talents,’ to solicit and reward the theft of our nation’s trade secrets and intellectual property, but the Justice Department will continue to prioritize investigations like these, to ensure that China understands that this criminal conduct is not an acceptable business or economic development practice.” 

“Our office is committed to working closely with our federal, state and local partners to identify and prosecute those who engage in illegal and deceptive practices to steal trade secret and protected information from companies who spend millions of dollars to develop it,” said U.S. Attorney Overbey.  “Not only can theft of this information be potentially devastating to our American companies, it could also pose a threat to our overall national and economic security.”

“The facts laid out in this indictment show the conspirators engaged in blatant criminal activity,” said Executive Assistant Director Tabb.  “They didn't stop at going after technical secrets belonging to just one company.  They allegedly targeted multiple companies and made off with trade secrets at an estimated value of almost 120 million dollars.  As this case demonstrates, the FBI is determined to do everything possible to bring to justice those who try to steal secrets belonging to American companies.”

The BPA-free trade secrets allegedly stolen by these individuals belonged to multiple owners and cost an estimated total of at least $119,600,000 to develop.  Until recently, bisphenol-A (BPA) was used to coat the inside of cans and other food and beverage containers to help minimize flavor loss, and prevent the container from corroding or reacting with the food or beverage contained therein.  However, due to the discovered potential harmful effects of BPA, companies began searching for BPA-free alternatives. These alternatives are difficult and expensive to develop.

From December 2012 through Aug. 31, 2017, You was employed as Principal Engineer for Global Research by a company in Atlanta, which had agreements with numerous companies to conduct research and development, testing, analysis and review of various BPA-free technologies.  Due to her extensive education and experience with BPA and BPA-free coating technologies, she was one of a limited number of employees with access to trade secrets belonging to the various owners.  From approximately September 2017 through June 2018, You was employed as a packaging application development manager for a company in Kingsport, Tennessee, where she was one of a limited number of employees with access to trade secrets belonging to that company.

Details of the conspiracy are included in the indictment on file with the U.S. District Court.  The indictment alleges that You, Liu, and a third co-conspirator formulated a plan in which You would exploit her employment with the two American employers to steal trade secrets and provide the information for the economic benefit of trade secrets the Chinese company that Liu managed, which would manufacture and profit from products developed using the stolen trade secrets.  In exchange, Liu would cause the Chinese company to reward You for her theft, by helping her receive the Thousand Talent and another financial award, based on the trade secrets she stole, and by giving You an ownership share of a new company that would “own” the stolen trade secrets in China.  The conspirators also agreed to compete with U.S. and foreign companies, including some of the owners of the stolen stolen trade secrets, in China and elsewhere, by selling products designed, developed and manufactured using the stolen trade secrets.

The charges contained in this indictment are merely allegations, and the defendants are presumed innocent unless and until proven guilty beyond a reasonable doubt in a court of law. 

The case is being investigated by the FBI’s Knoxville Field Office.

The government’s case is being prosecuted by the Eastern District of Tennessee and the National Security Division’s Counterintelligence and Export Control Section.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
Commentary
Ransomware Is Not the Problem
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  6/9/2021
Edge-DRsplash-11-edge-ask-the-experts
How Can I Test the Security of My Home-Office Employees' Routers?
John Bock, Senior Research Scientist,  6/7/2021
News
New Ransomware Group Claiming Connection to REvil Gang Surfaces
Jai Vijayan, Contributing Writer,  6/10/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Zero Trust doesn't have to break your budget!
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-34812
PUBLISHED: 2021-06-18
Use of hard-coded credentials vulnerability in php component in Synology Calendar before 2.4.0-0761 allows remote attackers to obtain sensitive information via unspecified vectors.
CVE-2021-34808
PUBLISHED: 2021-06-18
Server-Side Request Forgery (SSRF) vulnerability in cgi component in Synology Media Server before 1.8.3-2881 allows remote attackers to access intranet resources via unspecified vectors.
CVE-2021-34809
PUBLISHED: 2021-06-18
Improper neutralization of special elements used in a command ('Command Injection') vulnerability in task management component in Synology Download Station before 3.8.16-3566 allows remote authenticated users to execute arbitrary code via unspecified vectors.
CVE-2021-34810
PUBLISHED: 2021-06-18
Improper privilege management vulnerability in cgi component in Synology Download Station before 3.8.16-3566 allows remote authenticated users to execute arbitrary code via unspecified vectors.
CVE-2021-34811
PUBLISHED: 2021-06-18
Server-Side Request Forgery (SSRF) vulnerability in task management component in Synology Download Station before 3.8.16-3566 allows remote authenticated users to access intranet resources via unspecified vectors.