Earlier this week, a judge sentenced Hanjuan Jin to four years in prison for stealing trade secrets from Motorola Solutions. The case has all the makings of a Law and Order episode—a naturalized American gets routinely screened by a customs agent at the airport as she's about to board her flight to China—but it also points out the importance of monitoring IT systems. While it's true that competitors are after our companies' innovations, security experts will verify that many, if not most, security breaches begin from the inside. The specifics of Jin's case, as reported from the FBI, provide some clues as to where suspicions could have been raised.
Jin was employed by Motorola Solutions (then a part of Motorola Inc.) as a software engineer, starting in 1998. She took a medical leave of absence in February 2006—but, according to the FBI, she then pursued employment in China with a telecom company that worked on projects for the Chinese military. Between November 2006 and February 2007, the Chinese company, Sun Kaisens, gave Jin classified Chinese documents to review so she would be able to assist with the military contract.
The timeline continued to move quickly: On Feb. 15, 2007, Jin returns to the United States, and became a naturalized citizen on the 20th. On the 22nd, she purchased a one-way ticket to China, and on the 26th she returned to work at Motorola. No one at Motorola was the wiser about her other employer, but she was certainly still on the job.
During the trial, the prosecution showed that on her first day back, Jin accessed more than 200 technical documents belonging to Motorola on its secure internal computer network. Then, according to the FBI, "At about 9 p.m., Jin returned to Motorola and downloaded additional documents. At approximately 12:15 a.m. on February 27, 2007, Jin was recorded twice leaving a Motorola building with hard copy documents and other materials."
You'd think there would be some sort of security tracer that would have alerted the appropriate Motorola staffer. Fortunately, a U.S. Customs and Border Patrol agent stopped her as she tried to board that plane for China out of O'Hare International Airport, with a cool $31,000 in cash and numerous documents marked confidential by both Motorola and the Chinese government. Some reports characterized the stop as "routine." One can only guess at the outrageous amount of damage that would have been done to Motorola had Jin handed over the information to Sun Kaisens.
Almost one year ago, in October 2011, the Office of the National Counterintelligence Executive submitted a report to Congress that suggested Chinese and Russian cybercriminals were conducting cyber espionage operations against private companies to aid their own economic development. The report, "Foreign Spies Stealing U.S. Economic Secrets in Cyberspace," noted that Chinese hackers were “the world’s most active and persistent perpetrators of economic espionage." Further, the report found that information and communications technology — the exact line of business Motorola Solutions is in -- is of greatest interest to foreign governments, because it forms the backbone for other technology.
Fortunately for Motorola, this espionage attempt resulted in a black eye, rather than a broken back.