SECURITY
Were GE trade secrets hidden in photo headed for China?
On July 5, Xiaoqing Zheng's computer at a General Electric installation in upstate New York became a small but intense battleground in the industrial cyber war between the U.S. and China, federal prosecutors say.
Around 11:12 a.m. that day, Zheng, 56, a naturalized U.S. citizen from China and a Massachusetts Institute of Technology-educated "principal engineer" at the GE Power facility in Schenectady, compressed 40 electronic files that allegedly contained GE trade secrets into a zip file on his computer. Then he encrypted the file with AxCrypt software, using a personal passphrase and giving it an obscure and innocent-seeming file name, according to a criminal complaint filed in August by the U.S. Attorney's Office for the Northern District of New York.
Near the end of the day, he copied an image of a sunrise from his iPhone to his desktop computer, named it "dawn.JPG" and concealed the encrypted file into the binary computer code of the image. Through a process called "steganography," the data were hidden somewhere in the sunshine, invisible to observers.
Finally, he sent the digital image to his personal email account, a statement by an FBI agent spelled out.
GE security officials were watching, however, and in monitoring Zheng's office computer, they discovered the encryption and uncovered his password, revealing the unauthorized taking of GE files with data about improving the performance of GE's steam turbine generating units, the agent's affidavit stated.
Zheng was arrested in August and is free on bail. His case was cited among several others last week at a Senate hearing as evidence of an accelerating campaign by China to make off with leading-edge American technology.
At the same time that President Trump is seeking a negotiated resolution to a high-voltage trade conflict with China that has rattled financial markets, his administration has been turning up the heat on China's "piratical" raids on U.S. industry's prized commercial intellectual property.
U.S. Trade Representative Robert Lighthizer, who leads the Trump administration's effort to defuse the China trade confrontation, says the issues of trade and theft of trade secrets are separate, and progress on the former doesn't wipe the slate clean on the latter.
The U.S. government's request to Canada to extradite Meng Wanzhou, chief financial officer of China's telecom giant Huawei, to face charges that her company violated sanctions against Iran, is "a criminal justice matter," Lighthizer told ABC's "Face the Nation" last week. "It is totally separate from anything that I work on or anything that the trade policy people in the administration work on. So, for us, it's unrelated, it's criminal justice."
But analyst Bill Bishop, writing recently in his Sinocism China Newsletter, said, "At some point Beijing may no longer be able to separate the trade talks from the broader deterioration in the U.S.-China relationship."
The tone of last week's Senate hearing on China's technology offensive was bluntly accusatorial. "The playbook is simple — rob, replicate and replace," Assistant Attorney General John Demers told the Senate Judiciary Committee last Wednesday. "Rob the American company of its intellectual property. Replicate the technology. And replace the American company in the Chinese market and one day in the global market."
Whether Zheng belongs in that category is still for a jury to determine. His attorney, Kevin Luibrand, said the matter should have been handled in civil court, not as a criminal case, telling The Wall Street Journal, "the core of the allegations are that he transmitted information on his own patents to himself and to no one else."
'Not state secrets'
"This is not state secrets," Luibrand told Schenectady's Daily Gazette. "This is not espionage ... this has nothing to do with the Chinese government."
Understanding Zheng's motivations is made more challenging by his connections to China, even as he worked for GE, according to the government's case.
In 2015, Zheng opened a company in China called Nanjing Tianyi Aeronautical Technology Ltd., disclosing this to GE, the company told the FBI. Zheng described the firm as a "parts supplier for civilian aviation engines."
Seeing potential conflicts of interest — the firm could compete with GE Aviation in parts sales — GE determined that Zheng was responsible for developing new technologies for his Chinese company, including innovations in efficiency improvements in turbines, the same area of his assignment at GE.
This apparently was not a deal breaker, however. The FBI affidavit says, "GE did not instruct Zheng that his interest in the Chinese company was unacceptable, and Zheng was permitted to retain his GE employment."
By then, however, Zheng had attracted the attention of GE corporate security. Zheng's area of expertise is improving the seals that reduce or eliminate leakages in GE steam turbines, a key factor in improving their efficiency and competitiveness. GE Power division's steam turbines produce electricity at half of the world's nuclear plants, 30 percent of coal- and oil-fired plants, and 41 percent of combined cycle plants fueled with natural gas, but GE Power has been battered by declining sales and faces a drive by China to gain equal footing in global markets with GE and other manufacturers in Europe and Japan.
In 2014, according to GE, Zheng copied 19,020 electronic files from one of his GE computers onto an external storage drive, apparently a thumb drive. He told GE investigators he had deleted the files, and it isn't clear from the complaint whether there were consequences for Zheng.
A year ago, GE discovered Zheng had saved 400 files on his desktop computer and encrypted them. The complaint said GE wasn't able to see the contents of the files, and instead of taking action directly against their employee, security began monitoring his computer. That led to the discovery of his file transfer in August, the government says.
On Aug. 1, FBI agents searched Zheng's home, finding "a handbook that explains the types of resources the government of China will give to individuals or entities who can provide certain technologies," the complaint said.
The FBI also said Zheng had been selected as part of the Chinese government's Thousand Talents Program to recruit Chinese and other foreign technologists and scientists to support the country's technological goals.
Assistant Attorney General Demers told Wednesday's Senate hearing that China's drive to acquire technology blurs the lines between legal and illegal. "They are relying today on people from all walks of life to carry out their aims," he said.
"The Communist Party reigns supreme," Demers said. "They have a great ability to lean on people, some who are witting, some who are not witting, in their society to again carry out their aims.
"Whether they be researchers, scientists, students, businessmen, otherwise tourists, the Chinese intelligence services don't hesitate to ask those people to carry out their aims," Demers said.
The answer in Zheng's case may not come soon. Assistant U.S. Attorney Michael Barnett said last week, "As of today, the government has until early January to seek an indictment from the grand jury. However the parties could seek, and the Court could approve, further extensions of that deadline."
.....................................................................
NISKAYUNA — An engineer employed by General Electric Co. was arrested by the FBI on Wednesday and charged with using sophisticated techniques to steal digital files on the company's turbine technology to benefit his interest in Chinese companies that compete with GE.
U.S. Magistrate Christian F. Hummel ordered the engineer, Xiaoqing Zheng, 56, to remain in federal custody pending a detention hearing scheduled for Thursday afternoon. The judge urged Zheng, who speaks English but acknowledged having difficulty fully understanding the proceedings, to hire a private attorney.
Recommended Video
00:16
03:08
Prosecutors, in a statement, said that Zheng "used an elaborate and sophisticated means to remove electronic files containing GE's trade secrets involving its turbine technologies. ... Zheng is alleged to have used (encrypted technology) to hide data files belonging to GE into an innocuous looking digital picture of a sunset, and then to have emailed the digital picture, which contained the stolen GE data files, to Zheng's (private) email account."
A federal complaint indicates the email containing the stolen trade secrets that Zheng sent to himself included the subject line "Nice view to keep."
Prosecutors said the single criminal count filed against Zheng — theft of trade secrets — relates to an incident that took place on July 5 when he moved 40 encrypted files to a digital folder on his laptop. But the federal complaint indicates Zheng is also suspected of stealing the data files "on multiple occasions" dating back years.
The federal criminal complaint says that in 2014, Zheng "downloaded more than 19,000 files from GE's computer network onto an external storage device, believed by GE investigators to have been a personal thumb drive."
Federal authorities said that Zheng is a U.S. citizen and also holds citizenship in China. He was hired by GE in 2008 and holds degrees in aero engineering from Northwestern Polytechnic University. Federal prosecutors, in their complaint, said Zheng also has a degree from Massachusetts Institute of Technology, but a school spokesman said he holds an executive certificate in Technology, Operations, and Value Chain Management from a non-degree executive program.
Zheng previously told GE officials that he and his brothers own a technology company in Nanjing, China, that supplies parts for civil aviation engines, according to the federal complaint. GE officials had reviewed Zheng's interest in that company and determined it may conflict with his employment here, but allowed him to continue working for GE.
But federal investigators said they found that Zheng had an interest in multiple aviation technology companies in China — including some funded by the government — and that it appeared he was working on projects for those companies similar to the proprietary work that he does for GE.
The complaint indicates that GE officials have been aware of Zheng's suspicious activities for years but took no serious action.
For instance, in 2014, corporate security officials at GE investigated Zheng's copying of more than 19,000 electronic files onto a thumb drive but were unable to determine what they contained. Zheng told the security officers that he had deleted the files and the company could not tell FBI agents whether they were able to corroborate that the files had been deleted or whether they had been shared with any third parties.
Roughly two years ago, GE tightened its security measures and prohibited employees from using portable devices such as external thumb drives to prevent downloading of trade secret information.
Authorities said that Zheng allegedly circumvented that restriction by encrypting GE data files on his computer and then hiding those files in the data code of a digital photograph that he sent to his private Hotmail account.
The company finally took steps to begin monitoring Zheng's activities last year, after they discovered another 400 digital files on his company-issued laptop that had been encrypted with a software program not used by GE.
"GE installed monitoring software on Zheng's computer(s) in an attempt to determine what information he was encrypting, and what he was doing with the information," the complaint states.
The FBI described the methods used by Zheng to hide his alleged thefts as "uncommon even among trained computer experts." The FBI said that even agents specializing in cyber crimes told the agents handling the case in Albany that they were aware of the methods used by Zheng "but that they had never actually seen a subject employ them."
Zheng, who was wearing a t-shirt and shorts in court, was arrested Wednesday morning at his residence on Cephalonia Drive, which is just off River Road in Niskayuna.
FBI agents searched Zheng's residence and seized a handbook that describes the resources China provides to individuals who provide certain technologies to the government. They also seized Zheng's passport, which indicated he had taken five trips to China in the past two years.
Following his arrest, Zheng allegedly admitted to FBI agents that he had stolen GE materials between five and 10 times and that he knew it was unlawful to do so. He also told the agents that his companies in China are not yet profitable but that they had received grant money from the Chinese government.
"I don't have a regular attorney," Zheng told the judge on Wednesday. "It may take me a while to find one."
Hummel told Zheng that the detention hearing scheduled for Thursday is critical because it will determine whether Zheng remains in custody pending any trial, which could take months.
Zheng's wife and daughter sat in the second row for the proceeding. His wife spoke briefly, telling the judge "I'm here," when Hummel asked Zheng whether his family could help him find an attorney.
A LinkedIn page for a Xiaoqing Zheng states that he holds 29 patents.
A GE spokesperson said the company has "been in close cooperation with the FBI for some time on this matter."
"At GE, we aggressively protect and defend our Intellectual Property and have strict processes in place for identifying these issues and partnering with law enforcement," the statement continued. "We won't have any additional comment at this time as this is an ongoing investigation."
No comments:
Post a Comment
Comments always welcome!