Corporate Espionage by China on 60 minutes

A fascinating piece:

If spying is the world’s second oldest profession, the government of China has given it a new, modern-day twist, enlisting an army of spies not to steal military secrets but the trade secrets and intellectual property of American companies. It’s being called “the great brain robbery of America…”

John Carlin: It’s thousands of actually companies have been hit…

Lesley Stahl: You had to fire 600 people… Out of how many jobs?

Daniel McGahn: At the time we were almost 900.

Lesley Stahl: So how much did you lose in share value?

Daniel McGahn: Total loss is well over a billion dollars…

Lesley Stahl: And did they make these turbines with your brains in them for the entire country of China?

Daniel McGahn: Yes.

When he went into business there, China was already notorious for poaching American intellectual property. So he says he did everything he could think of to protect his technology from being stolen…

Lesley Stahl: Once they got everything over there couldn’t they reverse-engineer it?

Daniel McGahn: We believe that’s what they tried to do. And what they learned was this encrypted protocol was in the way. They didn’t quite understand how it worked. And they couldn’t reverse-engineer it.

Initially, business boomed in China for American Superconductor, with sales skyrocketing from $50 million-a-year to nearly half a billion… Then, in 2011, his engineers were testing the next-generation software in China on Sinovel’s turbines. The software had been programmed to shut down after the test but the blades didn’t shut down. They never stopped spinning.

Daniel McGahn: So we said why. We didn’t really know. So the team looked at the turbine and saw running on our hardware a version of software that had not been released yet… So then we had to figure out how did, how could this have happened?

To find out, he launched an internal investigation and narrowed it down to this man, Dejan Karabasevic, an employee of American Superconductor based in Austria. He was one of the few people in the company with access to its proprietary software. He also spent a lot of time in China working with Sinovel.

Daniel McGahn: And what they did is they used Cold War-era spycraft to be able to turn him… And make him into an agent for them…

The arrangement included a $1.7 million contract that was spelled out in emails and instant messages that McGahn’s investigation found on Dejan’s company computer. In this one, from him to a Sinovel executive, Dejan lays out the quid pro quo, “All girls need money. I need girls. Sinovel needs me.” Sinovel executives showered him with flattery and encouragement: you are the, quote, “best man, like superman…”

Dejan eventually confessed to authorities in Austria and spent a year in jail…

But he suspected that China was still spying on his company, and that Beijing had switched from Cold War to cutting-edge espionage…

McGahn hired Dmitri Alperovitch and George Kurtz, cofounders of a computer security firm called CrowdStrike, to investigate. They zeroed in on a suspicious email purportedly sent by a board member to 13 people in the company.

Dmitri Alperovitch: It had an attachment. A few people clicked on an attachment and that let the Chinese in. It was sort of like opening the front door… Once they clicked on that email and they opened up the attachment, malicious codes started executing on their machine and it beaconed out to the Chinese and basically let them right in to the company…

Dmitri Alperovitch: They also wanted to figure out the legal strategy of the company now that they were suing Sinovel for $1.2 billion.

George Kurtz: Whenever there’s a big lawsuit we’ll see the Chinese government actually break into that company, break into the legal department and figure out what’s going on behind the scenes so they can better deal with that lawsuit…

Dmitri Alperovitch: We were able to determine with great confidence that this was Unit 61398, part of the Chinese military that was responsible for this attack…

Carlin: These were officers in uniform and their day job was to get up, go to work, log on, and steal from a range of American companies. And you would watch, as we put in an exhibit in the case, the activity would spike around 9:00 in the morning. They get into work, turn on their computers, and start hacking into American companies. Then it calms down a little bit from about 12:00 to 1:00 where they take a lunch break… And then it continues until the end of the day, 5 or 6 o’clock at night. And then they go home, and it decreases ’till the next morning…

In Massachusetts, Daniel McGahn is rebuilding with much of his business now shifted to India. But adding insult to injury, Sinovel is now exporting wind turbines with his stolen technology, including one purchased by the state of Massachusetts using federal stimulus funds.

Lesley Stahl: So Sinovel using the stolen source codes has sold wind turbines here in Massachusetts using to–

Daniel McGahn: –to the government of Massachusetts funded by the federal government of the United States of America.

Business is Darwinian. Technologists focus on their technology. They want to build the best mousetrap. Nobody thinks about how those who win in business are those who approach the game as a war, fought for all the marbles. Those who blind themselves to this reality are destined to lose to those who do not, and their businesses will inevitably end up failing.

Small machine shops hire PI’s to learn how their competitors source materials so they can undercut them. Contractors hire spies to figure out what competitors are bidding on contracts so they can underbid them and get the contracts. Technology companies spy on other technology companies to steal their technology secrets. And foreign nations will always try to steal the secrets of American companies. Wherever there is success in business, that shadow war is not far behind because that is how you win, and in business winning is what survives.

If you ever enjoy great success anywhere in business, hire counter-intelligence professionals to protect your business from the theft of secrets. It will be as important to your success as the quality of your work and your grasp of the technology. Had this company hired counter-intelligence there is no telling how many more billions they would have earned. Their counter-intelligence would have been watching all employee emails, they would have monitored employee travels, and they would likely have picked up on the Austrian who ultimately burned their entire company. Instead they focused on the technology and lost.

More than likely every member of that company with access to the software was under covert surveillance by the Chinese at some point. They were all photographed for their files. I’ll bet every one of them has unknowingly exchanged polite comments with a Chinese surveillance agent (who was probably Caucasian) while out shopping. They were tailed on the road, watched at home, and monitored electronically. I’d even bet a friend of their’s met some fascinating person that had all the traits their friend found interesting and appealing in people, and that friend then introduced their new friend into the target’s social circle.

Had any employees noticed any of this and reported it, this entire debacle might have been averted.

More than likely the Chinese recognized the traitor’s moral failings quickly once they began looking. They saw a psychology which felt envious and jealous of his company “family.” They documented things he didn’t want made public, they maybe even framed him for some crime or documented criminal activity he engaged in, and then he became the primary target to compromise with a combination of the carrot and the stick.

I’d assume during a trip to China that traitor heard a knock on his door, a woman was waiting outside, he let her in, and from that point the Chinese took pocession of him. Good counter-intelligence would have had the room opposite him and have fit the peephole in the door with a pinhole camera, only to later fast forward through the video. When he went out they would have tailed him quietly, his company cell phone would have been monitored, and when he was approached they would have known about it. And beyond any shadow of a doubt, those emails would have been monitored. Once he was turned, his access could have been pulled by the company.

For a several thousand dollars spent surveilling him, a billion dollar company could have been saved. There are a lot of billion dollar companies which are still billion dollar companies because they learned that lesson before they were destroyed. If there is a billion dollar company out there which does not understand this, they will soon cease to be a billion dollar company. Being more tech oriented, I never had any idea this shadowy world was out there and so prolific, but it is.

If anyone reading this has big ideas, and hopes to one day form such an enterprise, learn this lesson before it can hurt you. It is a jungle out there, and nowhere is the danger greater than it is where great businesses risk enjoying success.

This entry was posted in Intel, Surveillance. Bookmark the permalink.
0 0 votes
Article Rating
Subscribe
Notify of
guest

2 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
trackback
8 years ago

[…] By Anonymous Conservative […]

Mike
Mike
8 years ago

We should have never normalized relations with China. We should have never started trading with them either. But too many western companies had their eyes on the short term payoff to see what dealing with a bunch of crooks and spies would do to them in the long run. The best security measure would have been never to deal with the Chinese to begin with.