News and commentary on organized crime, street crime, white collar crime, cyber crime, sex crime, crime fiction, crime prevention, espionage and terrorism.
Wednesday, June 15, 2016
Chinese National Charged For Stealing Source Code From Former Employer With Intent To Benefit Chinese Government
The U.S. Justice Department released the below link:
Xu Jiaqiang, 30, was charged in a six-count superseding indictment with economic espionage and theft of trade secrets, in connection with Xu’s theft of proprietary source code from his former employer, with the intent to benefit the National Health and Family Planning Commission of the People’s Republic of China.
The superseding indictment was announced by Assistant Attorney General for National Security John P. Carlin and U.S. Attorney Preet Bharara of the Southern District of New York.
Xu was initially arrested by the FBI on Dec. 7, 2015, and was previously charged with one count of theft of trade secrets. Xu is scheduled to be arraigned on the superseding indictment at 12 p.m. EDT on June 16, 2016, before U.S. District Judge Kenneth M. Karas of the Southern District of New York.
“Xu allegedly stole proprietary information from his former employer for his own profit and the benefit of the Chinese government,” said Assistant Attorney General Carlin. “Those who steal America’s trade secrets for the benefit of foreign nations pose a threat to our economic and national security interests. The National Security Division will continue to work tirelessly to identify, pursue and prosecute any individual who attempts to harm American businesses by robbing them of their valuable intellectual property.”
“As alleged, Xu Jiaqiang is charged with stealing valuable, proprietary software from his former employer, an American company, that he intended to share with an agency within the Chinese government,” said U.S. Attorney Bharara. “Economic espionage not only harms victim companies that have years or even decades of work stolen, but it also crushes the spirit of innovation and fair play in the global economy. Economic espionage is a serious federal crime, for which my office, the Department of Justice’s National Security Division, and the FBI will show no tolerance.”
According to the allegations contained in the criminal complaint on which Xu was initially arrested, the original indictment and the superseding indictment:
From November 2010 to May 2014, Xu worked as a developer for a particular U.S. company (victim company). As a developer, Xu had access to certain proprietary software, as well as that software’s underlying source code. The proprietary software is a clustered file system developed and marketed by the victim company in the United States and other countries. A clustered file system facilitates faster computer performance by coordinating work among multiple servers. The victim company takes significant precautions to protect the proprietary source code as a trade secret because the value of the proprietary source code depends in part on its secrecy. Among other things, the proprietary source code is stored behind a company firewall and can be accessed by only a small subset of the victim company’s employees. Before receiving proprietary source code access, victim company employees must first request and receive approval from a particular victim company official. Victim company employees must also agree in writing at both the outset and the conclusion of their employment that they will maintain the confidentiality of any proprietary information.
In May 2014, Xu voluntarily resigned from the victim company. Xu subsequently communicated with one undercover law enforcement officer (UC-1), who posed as a financial investor aiming to start a large-data storage technology company, and another undercover law enforcement officer (UC-2), who posed as a project manager working for UC-1. In these communications, Xu discussed his past work with the victim company and indicated that he had experience with the proprietary software and the proprietary source code. On March 6, 2015, Xu sent UC-1 and UC-2 a code, which Xu stated was a sample of Xu’s prior work with the victim company. A victim company employee (employee-1) later confirmed that the code sent by Xu included proprietary victim company material that related to the proprietary source code.
Xu subsequently informed UC-2 that he was willing to consider providing UC-2’s company with the proprietary source code as a platform for UC-2’s company to facilitate the development of UC-2’s company’s own data storage system. Xu informed UC-2 that if UC-2 set up several computers as a small network, then Xu would remotely install the proprietary software so that UC-1 and UC-2 could test it and confirm its functionality.
In or around early August 2015, the FBI arranged for a computer network to be set up, consistent with Xu’s specifications (UC network). Files were then remotely uploaded to the FBI-arranged computer network. Thereafter, on or about Aug. 26, 2015, Xu and UC-2 confirmed that UC-2 had received the upload. In September 2015, the FBI made Xu’s upload available to a victim company employee who has expertise regarding the proprietary software and the proprietary source code (employee-2). Based on employee-2’s analysis of technical features of Xu’s upload, it appeared to employee-2 that the upload contained a functioning copy of the proprietary software. It further appeared to employee-2 that Xu’s upload had been built by someone with access to the proprietary source code that was not working within the victim company or otherwise at the victim company’s direction.
On Dec. 7, 2015, Xu met with UC-2 at a hotel in White Plains, New York. Xu stated, in sum and substance, that he had used the proprietary source code to make software to sell to customers, that he knew the proprietary source code was the product of decades of work on the part of the victim company and that he had used the proprietary source code to build a copy of the proprietary software, which he had uploaded and installed on the UC network. Xu also indicated that he knew that the copy of the proprietary software he had installed on the UC network contained information identifying the proprietary software as the victim company’s property, which could reveal the fact that the proprietary software had been built with the proprietary source code without the victim company’s authorization. Xu told UC-2 that he could take steps to prevent detection of the proprietary software’s origins, including writing computer scripts that would modify the proprietary source code to conceal its origins.
Later on Dec. 7, 2015, Xu met with UC-1 and UC-2 at the hotel. During that meeting, Xu showed UC-2 a copy of what he represented to be the proprietary source code on his laptop. Xu noted to UC-2 a portion of the code that indicated it originated with the victim company as well as the date on which it had been copyrighted. Xu also stated that he had previously modified the proprietary source code’s command interface to conceal the fact that the proprietary source code originated with the victim company and identified multiple specific customers to whom he had previously provided the proprietary software using his stolen copy of the proprietary source code.
In connection with the economic espionage counts charged in the superseding indictment, Xu stole, duplicated and possessed the proprietary source code with the intent to benefit the National Health and Planning Commission of the People’s Republic of China.
The superseding indictment charges Xu with three counts of economic espionage, which each carry a maximum sentence of 15 years in prison. He was also charged with three counts of theft of a trade secret, which each carry a maximum sentence of 10 years in prison. The maximum potential sentences in this case are prescribed by Congress and are provided here for informational purposes only, as any sentencing of the defendant will be determined by a judge.
A superseding indictment contains allegations that a defendant has committed a crime. Every defendant is presumed to be innocent until and unless proven guilty.
The case is being investigated by the FBI, and is being prosecuted by Assistant U.S. Attorneys Benjamin Allee and Ilan Graff of the Southern District of New York, with assistance from Trial Attorney David Aaron of the National Security Division’s Counterintelligence and Export Control Section.
Paul Davis is a writer who covers crime. He has written extensively about organized crime, street crime, sex crime, cyber crime, drug crime, white collar crime, crime fiction, crime prevention, espionage and terrorism. His 'On Crime' column appears weekly in the Washington Times. He is also a regular contributor to Counterterrorism magazine. His work has also appeared in the Philadelphia Inquirer, the Philadelphia Daily News and other newspapers, magazines and online publications. His crime fiction has appeared in online crime magazines. As a writer, he has attended police academy training, gone out on patrol with police officers, accompanied detectives as they worked cases, accompanied narcotics officers on drug raids, observed criminal court proceedings and visited jails and prisons. He has covered street riots, mob wars and murder investigations. Paul Davis' online "Crime Beat" column offers his long-form Q&As with cops, crooks and crime writers. Paul Davis has been a student of crime since he was a 12-year-old aspiring writer growing up in South Philadelphia. He enlisted in the U.S. Navy when he was 17 in 1970 and served on the aircraft carrier USS Kitty Hawk during the Vietnam War. He also served two years on the Navy harbor tugboat USS Saugus at the U.S. floating nuclear submarine base at Holy Loch, Scotland. Following his Navy service, he performed security work as a Defense Department civilian and worked part-time as a freelance writer. He was also a producer and on-air host of the radio program Inside Government for 14 years. He became a full-time writer in 2007. Paul Davis' On Crime and Crime Beat columns, his crime fiction and his magazine and newspaper pieces can be read on this website. His full bio can be read by clicking on the above photo.