China theft of US agriculture sector trade secrets prompts government guidance

China and other countries have used insiders to steal intellectual property from agricultural research. The government has responded with guidance for identifying insider threats.

Insider threats  >  Employees suspiciously peering over cubicle walls
Thinkstock

If you didn’t think the agriculture and food sector is of national security significance, then the issuance of the Insider Risk Mitigation Guide by the National Counterintelligence and Security Center (NCSC) in conjunction with the Department of Defense’s Center for Development of Security Excellence (CDSE) should be the equivalent of the bat-signal shining over Gotham. The guide, quietly published in late July, is in essence a primer on how to create an insider risk/insider threat program.

NCSC and CDSE insider threat program guidance

The 11-page publication touches on four areas:

  1. Understanding insider risks
  2. Establishing an insider risk program
  3. Insider risk management strategy
  4. Insider risk resources

It highlights how the individual within the agriculture and food sector plays a “significant role in national security by protecting public health and safety, the nation, and its economy from contamination, economic espionage, food adulteration and terrorism.”

CISOs who are unfamiliar with the concept will find the guide interesting for its basic table-stakes presentation, suitable for culling tidbits to educate the rank-and-file cadre within their entity’s footprint. Especially noteworthy is the section on instituting user activity monitoring, which projects the basic concepts. Those in cybersecurity developing tools that focus on data leakage or insider threat mitigation will find the guidance a generation behind the cybersecurity industry as the emphasis is on employee deviations from norms.

The guidance is spot-on in other areas:

  • Identify what assets are the critical assets.
  • Consider the risk management process as dynamic, not one and done.
  • Have a response in place for when an insider threat becomes a reality.

Intellectual property theft in agriculture

While the guidance touches on multiple types of insider threats, the intellectual property (IP) theft portion will be of prime interest to CISOs. Two examples discuss China’s interest in the IP of the US agriculture and food sector. The first case involves Walter Liew, who stole chemical processes used with titanium dioxide and was sentenced to 15 years in prison. The other was the case of Mo Hailong, who was sentenced to three years for stealing genetically modified corn.

Liew was an insider within DuPont and broke trust, stealing corporate secrets of his employer. His spouse was also charged and was sentenced to three years in prison. The Mo case required insiders from within US companies (Pioneer and Monsanto) as well as the customers of the two companies to cooperate with Mo and his co-conspirators. The insiders provided geo-location for test seeds, enabling Mo to steal the seeds directly from the field. Customers of the seed producers (feed stores) are required to sign an agreement that they will only sell seed to authorize and licensed buyers. Over a period of approximately four years, Mo found a cash purchase of retail seed (which all contain 0.5% of the inbred seed in each bag) was sufficient inducement for the wholesaler to step over its licensing agreement.

Why is China interested in US agriculture?

China’s ability to feed its population has always been a sensitive and important issue. Each year agriculture is highlighted in China’s No. 1 Central Document. In 2018 the declared goal was to decisively advance China’s progress by 2035. In 2021, the US Embassy Beijing reported via the Agricultural Attaché Report how China is once again highlighting the need to profess in the “commercialization of high-quality seeds and livestock genetics as important factors for national food security.” The report emphasized “supporting seed development, including biotech seeds”—which is new, according to the Attaché in the 2021 document.

Thus, when the Central Committee directs resources to be devoted to moving the country’s knowledge forward, it happens. The two examples of IP theft are indicative of the ease with which China can purloin US research, yet they are not the only ones.

Targeting rice

Contemporaneously with the theft of the hybrid corn from Pioneer and Monsanto was China’s targeting of another commodity: rice. Two individuals, both insiders, were instrumental in the targeting and theft of research and seed samples from the USDA Dale Bumpers National Rice Research Center in Stuttgart, Arkansas, and Ventria Bioscience. Wieqiang Zhang was employed by Ventria, while Wengui Yan was employed at the USDA center as one of the nation’s leading researchers on rice genetics. Both were sentenced to over ten years in prison for the theft of the intellectual property.

Interestingly, when reviewing the court documents and case files of these examples, the discovery of Mo’s activities didn’t come to light because contacts within the agricultural companies detected anomalous activity, nor because wholesalers were selling off-the-books and were discovered by an audit. Rather, a farmer in Iowa noticed a rental car out in the middle of nowhere and two individuals were walking the field—a very specific area of the field where the new genetically modified corn seeds were being tested. That farmer saw something and said something.

In the case of Zhang and Yan, their activities were largely conducted outside the IT infrastructure of their employers, using their personal email accounts to coordinate and collaborate with the entities who provided to them a shopping list:

  • Rice research to accelerate China’s research
  • Identify technology to accelerate China’s agriculture modernization

A secondary inspection of a commercial delegation returning to China discovered the presence of rice seeds in their luggage and set off the investigation.

The agriculture and food sector will continue to be of interest to China and others, and insiders within the sector will remain potential targets for co-opting in the quest to jump over the research and development investment via intellectual property theft. The NCSC and CDSE guide is both necessary and timely, the protection of the nation’s agriculture and food sector is a key national security interest.

Copyright © 2021 IDG Communications, Inc.

How to choose a SIEM solution: 11 key features and considerations