The Most Comprehensive Data Protection Solution

Discover, classify, and protect your data from all threats with the only Gartner Magic Quadrant DLP and Forrester Wave EDR Leader.

First and Only Solution to Converge:

  • Data Loss Prevention
  • Endpoint Detection and Response
  • User and Entity Behavior Analytics
DATAINSIDER

Digital Guardian's Blog

Insider Stole Billion Dollar Battery Trade Secrets

by Chris Brook on Wednesday November 13, 2019

Contact Us
Free Demo
Chat

Yet another Chinese national - this time an employee at an Oklahoma petroleum company - has pleaded guilty to trade secret theft.

Yet another Chinese national residing in the U.S. has pleaded guilty to committing trade secret theft - in this case, research and development materials on battery technology - from his ex-employer.

According to the United States Attorney's Office of the Northern District of Oklahoma, which shared the news following the plea on Tuesday, the individual, Hongjin Tan, worked at an unnamed Oklahoma-based petroleum company for roughly a year and a half, from June 2017 to December 2018.

While employed as an associate scientist there, Tan worked hands on with next generation battery technology for stationary energy storage, namely flow batteries.

Flow batteries, viewed by many in the industry as the next big thing for grid scale energy storage, function akin to a battery/fuel cell hybrid. Energy is produced by two chemical components dissolved in liquids and separated by a membrane.

While Tan didn't plead guilty until this week the events around the case date back to 2018, when Tan apparently used a thumb drive to copy hundreds of files.

A criminal complaint filed last December revealed that Tan resigned from the company on December 12 after informing his supervisor he was going to return to China in order to be his aging parents – something that would wind up being a lie.

While Tan didn't say he had a job lined up, he did acknowledge he was negotiating with a few battery companies in China – a statement that would also prove deceitful. As is to be expected, the two admissions - that Tan was moving back to China and interviewing at competing battery manufacturers - piqued the company's interest.

After revoking his access to company systems and initiating a review of Tan's computer activity, the organization's information technology department discovered that he had accessed hundreds of files, in particular documents that outlined how to make an extremely profitable and complicated product.

While the complaint obviously doesn’t specify what the product is, it does claim the company has made $1.4-1.8 billion selling it, something that makes it "tremendously significant and of great value to competitors," in the eyes of the company according to the court document.

In addition to accessing the data, which also included the company's plans for marketing the product in China in cell phone and lithium-based battery systems, Tan downloaded the files to a personal thumb drive.

Tan eventually returned the USB flash drive to the company's Research Technology Center but only after being asked to by his supervisor. Upon further review, the company discovered that Tan had deleted five documents from the USB flash drive - information that would have allowed competitors with the technical knowledge and process to manufacture the product Tan was working on.

Tan defended his actions by claiming he planned to write a report on the lab data but upon review of the flash drive, Tan has no authority to handle the documents. Each page was marked "confidential" and "restricted," according to the complaint.

The company carried out a forensic examination of Tan’s laptop a week after he resigned. On it they found a scanned copy of a letter, from October, from the company that Tan had interviewed with, essentially guaranteeing him a new job there, as long as the information he provided them is real and effective - and that he hasn't provided it to a competitor.

While the company had evidence Tan took the data, in many ways the scanned job offer letter was the smoking gun here.

As Trent Shores, a U.S. Attorney for the Northern District of Oklahoma noted Tuesday, Tan was more or less caught red handed.

“China’s economic aggression poses a threat to America’s emerging high-technology industries. Industrial spies like Hongjin Tan engage in espionage to steal American trade secrets and intellectual property born out of the innovation that is innate in our free market system,” Shores said. “Thanks to a vigilant company and the investigative efforts of the FBI, Hongjin Tan was caught red handed and prosecuted. American ingenuity and know-how are the envy of the international market, and the U.S. Attorneys community will work to protect our economic infrastructure.”

Like many trade secret theft cases of late, Tan's company took the necessary steps to protect their data - it used locked doors with magnetic card readers, it limited trade secrets to certain employees, it had employees sign non-disclosure, intellectual property, and confidentiality notices – it just didn’t do enough.

It's been well documented at this point how damaging a tiny thumb drive can be to an enterprise when it comes to the exfiltration of intellectual property. While seen as a basic security step, without the means block and stop the copying of sensitive data via USB in the first place, companies are opening themselves to a heap of risk.

Tags: IP theft

Recommended Resources


  • Why Data Classification is Foundational
  • How to Classify Your Data
  • Selling Data Classification to the Business
  • How to simplify the classification process
  • Why classification is important to your firm's security
  • How automation can expedite data classification

Chris Brook

Chris Brook is the editor of Data Insider. He is a technology journalist with a decade of experience writing about information security, hackers, and privacy. Chris has attended many infosec conferences and has interviewed hackers and security researchers. Prior to joining Digital Guardian he helped launch Threatpost, an independent news site which is a leading source of information about IT and business security for hundreds of thousands of professionals worldwide.