19.7.2
The 20th Century
East-West commercial development opportunities after World War I saw a rise in Soviet interest in American and European manufacturing know-how, exploited by Amtorg Corporation.[31]Later, with Western restrictions on the export of items thought likely to increase military capabilities to theUSSR, Soviet industrial espionage was a well known adjunct to other spying activities up until the 1980s.[32]BYTEreported in April 1984, for example, that although the Soviets sought to develop their own micro- electronics, their technology appeared to be several years behind the West’s. Soviet CPUs required multiple chips and appeared to be close or exact copies of American products such as theIntel 3000andDEC LSI-11/2.[33]
“Operation Brunnhilde”
Some of these activities were directed via theEast Ger- man Stasi(Ministry for State Security). One such oper- ation, known as “Operation Brunnhilde” operated from the mid-1950s until early 1966 and made use of spies from manyCommunist Bloccountries. Through at least 20 forays, many western European industrial secrets were compromised.[34]One member of the “Brunnhilde” ring was aSwiss chemical engineer, Dr. Jean Paul Soupert (also known as “Air Bubble”), living in Brussels. He was described byPeter WrightinSpycatcheras having been “doubled” by the Belgian Sûreté de l'État.[34][35] He revealed information about industrial espionage con- ducted by the ring, including the fact that Russian agents had obtained details ofConcorde's advanced electronics system.[36]He testified against twoKodakemployees, liv- ing and working in Britain, during a trial in which they were accused of passing information on industrial pro- cesses to him, though they were eventually acquitted.[34]
Soviet spetsinformatsiya system
A secret report from the Military-Industrial Commis- sion of the USSR(VPK), from 1979–80, detailed how
spetsinformatsiya (Russian: специнформация i.e. “spe- cial records”) could be utilised in twelve different military industrial areas. Writing in theBulletin of the Atomic Scientists, Philip Hanson detailed a spetsinformatsiya sys- tem in which 12 industrial branch ministries formulated requests for information to aid technological development in their military programs. Acquisition plans were de- scribed as operating on 2 year and 5 year cycles with about 3000 tasks under way each year. Efforts were aimed at civilian as well as military industrial targets, such as in thepetrochemical industries. Some information was garnered so as to compare levels of competitor to Soviet technological advancement. Much unclassified informa- tion was also gathered, blurring the boundary with “com- petitive intelligence”.[32]
TheSoviet militarywas recognised as making much bet- ter use of acquired information, compared to civilian in- dustry, where their record in replicating and developing industrial technology was poor.[32]
19.7.3 The legacy of Cold War espionage
Following the demise of the Soviet Union and the end of theCold War, commentators, including the US Congressional Intelligence Committee, noted a redi- rection amongst the espionage community from mil- itary to industrial targets, with Western and former communist countries making use of “underemployed” spies and expanding programs directed at stealing such information.[37][38]
The legacy of Cold War spying included not just the redi- rection of personnel but the use of spying apparatus such as computer databases,scanners for eavesdropping,spy satellites,bugsandwires.[39]
19.8 Notable cases
19.8.1 France and the United States
Between 1987 and 1989, IBM and Texas Instruments were thought to have been targeted by French spies with the intention of helping France’s Groupe Bull.[40] In 1993, US aerospace companies were also thought to have been targeted by French interests.[41] During the early 1990s, France was described as one of the most aggres- sive pursuers of espionage to garner foreign industrial and technological secrets.[40]France accused the U.S. of at- tempting to sabotage its high tech industrial base.[40]The government of France has been alleged to have conducted ongoing industrial espionage against American aerody- namics and satellite companies.[42]
19.8.2 Volkswagen
In 1993, car manufacturer Opel, the German divi- sion ofGeneral Motors, accusedVolkswagen of indus- trial espionage after Opel’s chief of production, Jose Ignacio Lopez, and seven other executives moved to Volkswagen.[14] Volkswagen subsequently threatened to sue for defamation, resulting in a four-year legal battle.[14] The case, which was finally settled in 1997, resulted in one of the largest settlements in the history of industrial espionage, with Volkswagen agreeing to pay General Mo- tors $100 million and to buy at least $1 billion of car parts from the company over 7 years, although it did not explic- itly apologize for Lopez’s behavior.[43]
102 CHAPTER 19. INDUSTRIAL ESPIONAGE
19.8.3
Hilton and Starwood
In April 2009 the US based hospitality company Starwoodaccused its rivalHiltonof a “massive” case of industrial espionage. After being purchased by private equitygroupBlackstone, Hilton employed 10 managers and executives from Starwood. Under intense pressure to improve profits, Starwood accused Hilton of stealing cor- porate information relating to its luxury brand concepts, used in setting up its own Denizen hotels. Specifically, former head of itsluxury brandsgroup, Ron Klein, was accused of downloading “truckloads of documents” from a laptop to his personal email account.[44]
19.8.4
GhostNet
GhostNetwas a “vast surveillance system” reported by Canadian researchers based at theUniversity of Toronto in March 2009. Using targeted emails it compromised thousands of computers in governmental organisations, enabling attackers to scan for information and transfer this back to a “digital storage facility in China”.[45]
19.8.5
Google and Operation Aurora
On 13 January 2010,Google Inc. announced that oper- ators, from within China, had hacked into their Google China operation, stealing intellectual property and, in particular, accessing the email accounts of human rights activists.[46][47]The attack was thought to have been part of a more widespread cyber attack on companies within China which has become known asOperation Aurora.[47] Intruders were thought to have launched a zero-day at- tack, exploiting a weakness in theMicrosoft Internet Ex- plorerbrowser, the malware used being a modification of thetrojan“Hydraq”.[24]Concerned about the possibility of hackers taking advantage of this previously unknown weakness in Internet Explorer, the governments of Ger- many and, subsequently France, issued warnings not to use the browser.[48]
There was speculation that “insiders” had been involved in the attack, with some Google China employees being denied access to the company’s internal networks after the company’s announcement.[49][50]In February 2010, computer experts from the U.S.National Security Agency claimed that the attacks on Google probably originated from two Chinese universities associated with expertise in computer science,Shanghai Jiao Tong Universityand the Shandong Lanxiang Vocational School, the latter having close links to theChinese military.[45]
Google claimed at least 20 other companies had also been targeted in the cyber attack, said by the LondonTimes, to have been part of an “ambitious and sophisticated at- tempt to steal secrets from unwitting corporate victims” including “defence contractors, finance and technology companies”.[47][46][48]Rather than being the work of indi-
viduals or organised criminals, the level of sophistication of the attack was thought to have been “more typical of a nation state”.[46] Some commentators speculated as to whether the attack was part of what is thought to be a concerted Chinese industrial espionage operation aimed at getting “high-tech information to jump-start China’s economy”.[51] Critics pointed to what was alleged to be a lax attitude to the intellectual property of foreign busi- nesses in China, letting them operate but then seeking to copy or reverse engineer their technology for the bene- fit of Chinese “national champions”.[52]In Google’s case, they may have (also) been concerned about the possible misappropriation of source code or other technology for the benefit of Chinese rivalBaidu. In March 2010 Google subsequently decided to cease offering censored results in China, leading to the closing of its Chinese operation.
19.8.6 CyberSitter and Green Dam
The US based firm CyberSitter announced in January 2010 that it was suing the Chinese government, and other US companies, for stealing its anti pornography software, with the accusation that it had been incorporated into China’sGreen Damprogram, used by the state to cen- sor children’s internet access. CyberSitter accused Green Dam creators as having copied around 3000 lines of code. They were described as having done 'a sloppy job of copy- ing,' with some lines of the copied code continuing to di- rect people to the CyberSitter website. Theattorneyact- ing for CyberSitter maintained “I don't think I have ever seen such clear-cut stealing”.[53]
19.8.7 USA v. Lan Lee, et al.
The United States charged two former NetLogic Inc. en- gineers, Lan Lee and Yuefei Ge, of committing eco- nomic espionage against TSMC and NetLogic, Inc. A jury acquitted the defendants of the charges with regard to TSMC and deadlocked on the charges with regard to NetLogic. In May 2010, a federal judge dismissed all the espionage charges against the two defendants. The judge ruled that the U.S. Government presented no evidence of espionage.[54]
19.8.8 Dongxiao Yue and Chordiant Soft-
ware, Inc.
In May 2010, the federal jury convicted Chordiant Soft- ware, Inc., a U.S. corporation, of stealing Dongxiao Yue’s JRPC technologies and used them in a product called Chordiant Marketing Director. Yue previously filed law- suits againstSymantec Corporationfor a similar theft.[55]
19.10. SEE ALSO 103