Wanted: Chief Espionage Officer

By Deborah Gage  |  Posted 2004-12-01 Email Print this article Print
 
 
 
 
 
 
 

Corporate America faces a new kind of cracker. Information-technology managers and chief technology officers—the people charged with safeguarding corporate networks—are engaging in acts of digital espionage. In the past two years, a half-dozen c


You've long been on the lookout for hackers who want to do harm to your systems and damage—or steal—your data. But what if the felon you should fear, now or in the future, is standing next to you? Or works at one of your chief competitors? Here are three cases where top technology executives are accused of stealing trade secrets. And it's a growing problem.

SSF imported auto parts works out of a nondescript building just off the main retail drag in South San Francisco, Calif. In a space half the size of a football field sit rows of metal shelves filled with brake discs, alternators, water pumps and other components for Audi, Mercedes-Benz, Porsche, Saab and Volvo cars. Workers in blue shirts move briskly about, picking and packing parts for delivery overnight to repair shops and dealerships around the country.

Yes, this is a warehouse. But it is also a center for what some security experts worry is a new type of computer crime: Digital espionage. By top technology executives. View the PDF -- Turn off pop-up blockers!

SSF's computer systems were repeatedly broken into over seven months starting in early 2001. An FBI agent who investigated the incident said he believed large portions of SSF's electronic catalog of 20,000 car parts were copied, so rivals could build a better catalog. The culprits? The chief technology officer, chief executive officer and a computer consultant for a rival: Dallas European Parts Distributors of Carrollton, Texas. According to the U.S. Attorney's Office in San Francisco, the trio became criminals when they accessed SSF's computers without authorization and illegally trafficked in SSF computer passwords.

Statistics are not kept by federal law enforcement agencies on the number of acts of espionage committed each year by executives and technology managers in this age of worldwide computer networking. But research by Baseline has identified a half-dozen cases of digital espionage that are alleged to have been committed by corporate chief technology officers and information-technology directors in the past two years. The alleged spies include:

  • The chief technology officer at Business Engine Software Corp. in San Francisco, who pled guilty in July to downloading trade secrets, such as information on customers and products in development, from rival Niku Corp. in Redwood City, Calif.

  • The information-technology director at Lightwave Microsystems in San Jose, who was indicted in May 2003 on charges of stealing the network equipment maker's Manufacturing Execution Database and other secrets, stored on backup tapes. His alleged intent: sell the secrets to competitor JDS Uniphase. He pleaded not guilty.

  • The chief technology officer of Speedera Networks, a Santa Clara, Calif., provider of Web hosting and content delivery services; according to a civil suit filed in California Superior Court in Santa Clara County, he allegedly broke into a database at Keynote Systems to steal performance data about Akamai Technologies, a Cambridge, Mass., competitor. Speedera denies any wrongdoing.

  • The CEO of Orbit Communications, a satellite data reseller, who allegedly recruited technology security consultants to attack the Web sites of three of Orbit's competitors, according to an FBI complaint. The CEO is a fugitive.

  • The former network and information-technology manager at Manufacturers Electronic Sales Corp. (MESC), a sales representative in Santa Clara, Calif., for electronic component makers. The manager pleaded guilty in August to breaking into the company's computer system from his new employer. He was charged with downloading a customer database, reading e-mail and deleting data, then destroying evidence of the break-in.

    These incidents, say security experts such as Steve Orrin, vice president of security and technology at Watchfire, which provides software and services to help companies manage online security, privacy and compliance risks, portend a new and worrisome threat for corporations. The people in U.S. companies who are responsible for safeguarding networks and the secrets they hold about products, customers and strategies—CTOs and I.T. managers—may be using their skills to cross the line into crime.

    "And it's probably one of the most flagrant violations of trust," he says, "when the people you trust to defend your networks turn around and execute something that could put your organization at such significant liability."

    This may just be the next evolution of the economic spy.

    "The average computer professional has as much, if not more, skill than [the typical corporate hackers] going out and committing crimes,'' says Ira Winkler, a top I.T. security consultant and author of the forthcoming book Spies Among Us: How to Stop the Spies, Terrorists, Hackers, and Criminals You Don't Even Know You Encounter Every Day.

    "The cases speak for themselves," adds Christopher Sonderby, who heads up the computer-hacking and intellectual-property unit in the U.S. Attorney's office in San Francisco. "The cases would seem to support the notion, certainly, that it has been done and that it's a real risk."



  • 123456>
     
     
     
     
    Senior Writer
    debbie_gage@ziffdavisenterprise.com
    Based in Silicon Valley, Debbie was a founding member of Ziff Davis Media's Sm@rt Partner, where she developed investigative projects and wrote a column on start-ups. She has covered the high-tech industry since 1994 and has also worked for Minnesota Public Radio, covering state politics. She has written freelance op-ed pieces on public education for the San Jose Mercury News, and has also won several national awards for her work co-producing a documentary. She has a B.A. from Minnesota State University.

     
     
     
     
     
     

    Submit a Comment

    Loading Comments...

    Manage your Newsletters: Login   Register My Newsletters