The Most Comprehensive Data Protection Solution

Discover, classify, and protect your data from all threats with the only Gartner Magic Quadrant DLP and Forrester Wave EDR Leader.

First and Only Solution to Converge:

  • Data Loss Prevention
  • Endpoint Detection and Response
  • User and Entity Behavior Analytics
DATAINSIDER

Digital Guardian's Blog

U.S. Convicts China's Sinovel of IP Theft Following Years of Litigation



After years of litigation a federal jury convicted Chinese turbine manufacturer Sinovel of conspiracy to commit trade secret theft, theft of trade secrets, and wire fraud last month.

When a federal jury indicted Sinovel Wind Group Co, a wind turbine manufacturer based in China, last month it ended a nearly seven-year odyssey.

The US Department of Justice first brought intellectual property (IP) theft charges against Sinovel - the largest wind turbine manufacturer in China - back in 2013 on charges it stole trade secrets from energy technology company AMSC, Inc., formerly American Superconductor Inc. AMSC, a 31-year-old energy technology company, specializes in designing wind turbine electronic controls and systems.

After years of litigation, AMSC finally had its day in court on January 24. Following an 11-day trial, a jury in Madison, Wisconsin convicted Sinovel of conspiracy to commit trade secret theft, theft of trade secrets, and wire fraud. U.S. Attorney Timothy O'Shea told the jury last month the theft cost the company $800 million in equipment that AMSC sent to Sinovel but was never paid for and additional equipment that Sinovel had signed contracts to buy but were ultimately canceled.

According to the DOJ Sinovel recruited Dejan Karabasevic, an employee of AMSC Windtec Gmbh, a subsidiary of AMSC, to copy intellectual property – source code belonging to a turbine control system – from AMSC's network. Post trial jury instructions filed with a federal court last month said that Sinovel copied the source code of AMSC's PM3000 software, a part of AMSC's wind turbine electrical control system, from AMSC on March 7, 2011, and transmitted it by downloading it from an AMSC computer in Wisconsin to a computer in Klagenfurt, Austria.

the 2013 charges weren't the first levied against Sinovel; AMSC first filed charges, a series of criminal and civil complaints, against the company in 2011 alleging the firm used AMSC's IP to upgrade its 1.5 megawatt turbines to meet Chinese grid codes.

According to the indictment Karabasevic was offered a one-year contract, from June 2011 to June 2012. The Chinese company gave Karabasevic a laptop that he apparently used to steal data belonging to AMSC on Low Voltage Ride Through (LVRT)-compliant wind turbines. After the theft, per the DOJ, Sinovel commissioned a handful of wind turbines in Massachusetts and copied into the turbines software compiled from the source code stolen by AMSC.

AMSC is based in Devens, Mass. but in the process of moving to the next town over, Ayer.

While Sinovel was convicted - and scheduled to be sentenced on June 4 - it remains to be seen if any of the individuals implicated in the indictment will actually see jail time. None of them are in custody, nor reside in the U.S.; Karabasevic resides in Serbia while the two Sinovel employees who recruited him, Su Liying, former deputy director of Sinovel’s Research and Development, and Zhao Haichun, Sinovel's former technology manager, both reside in China.

As CSO - which dug into the U.S. v. Sinovel Wind Group Co Ltd case last week - notes, having a data loss prevention strategy in place could have helped mitigate some of the damage caused by Sinovel early on.

Companies, especially manufacturers - which tend to be rich in data and intellectual property - would be well served to have an IP protection plan in place. IP can refer to a handful of different data types: designs, chemical formulas, business processes, costing, or in AMSC's case, source code. A key tenet of data loss prevention (DLP) tools is the ability to protect sensitive or regulated data like IP and warn administrators when its moved or exfiltrated.

A 60 Minutes report two years ago that featured AMSC’s case said at the time cyberespionage campaigns levied by China targeting IP cost U.S. companies hundreds of billions of dollars in losses and more than 2 million jobs. According to evidence presented at trial AMSC was hit particularly hard by Sinovel; the company lost $1 billion in shareholder equity and almost 700 jobs.

Two federal officials, Dennis C. Blair, a former commander in chief of the United States Pacific Command and Keith Alexander, a former director of the National Security Agency decried Chinese IP theft in an editorial in the New York Times last year but campaigns clearly aren’t going away. In a study released one year ago the Commission on the Theft of American Intellectual Property said the annual losses from the theft of IP range from about $225 billion to $600 billion. The theft of trade secrets in particular costs the United States between $180 billion and $540 billion annually, the group said.

Chris Brook

WHITEPAPERS

Data Protection Security Audit Checklist

Chris Brook

Chris Brook is the editor of Data Insider. He is a technology journalist with a decade of experience writing about information security, hackers, and privacy. Chris has attended many infosec conferences and has interviewed hackers and security researchers. Prior to joining Digital Guardian he helped launch Threatpost, an independent news site which is a leading source of information about IT and business security for hundreds of thousands of professionals worldwide.