Six arrested, seven charged with theft of Trelleborg's dual-use undersea technology Credit: Thinkstock Those who have followed China’s technology acquisition over the last 30-plus years will recognize the latest pilfering of high-tech trade secrets as par for the course. It all started with Project 863, which was the methodical acquisition of western technology.The most recent incident, in support of China’s Ministry of Industry and Information Technology (CMIIT), as well as China’s National Offshore Oil Corporation (CNOOC), culminated in the arrest of six individuals of multiple nationalities and arrest warrants for seven (one individual, named but not arrested is currently in China).Amazingly, and indicative of the brass of the Chinese, the China-based company that monetized the technology invited the company from which it was stolen to be their “exclusive” customer. This was not to be your ordinary trade secret theft. Old-fashioned human source acquisition methodologies were used to target, assess and ultimately acquire the services of key personnel and have these trusted insiders take the trade secrets of their employer and deliver these secrets to the Chinese. The U.S. Department of Justice announced, “Seven People Charged With Conspiracy to Steal Trade Secrets For Benefit of Chinese Manufacturing Company (Case involves dual-use technology with military applications).” In their announcement of the arrests of the six individuals in various locales throughout the United States, the DOJ noted that for the past five years (2012 through May 2017), trade secrets were stolen from “Company A,” a leader in marine technology. Houston ABC affiliate KTRK deduced that Company A was Trelleborg. A review of the arrested individual’s bios and LinkedIn social network pages corroborate KTRK’s assertion. A review of the DOJ court documents reveal a substantial amount of information on the methodology used to target Trelleborg and their employees. The key individuals in this saga, Shan Shi and his co-conspirators, put together a game plan with the assistance of a China-based entity, an entity associated with both China the government and state-owned-enterprises (SOE) with ties to the People Liberation Army (PLA). Targeting TrelleborgShi, in concert with Kui Bo (a Canadian citizen), put together a list of employees within Trelleborg who would have knowledge and expertise to spurt the newly formed Chinese entity, TAIZHOU CBM FUTURE NEW MATERIAL SCIENCE AND TECHNOLOGY CO. LTD. (“CBMF”) located in Linhai City, Zhejiang Province. Though the name of the head of CBMF is redacted in the court documents, CBMF’s press releases of 2013 identify the chairman of CBMF as Qu Longkui. The company’s website cbm-future.com is currently not responding; however, a peek via the “way-back-machine” showed the company to have made remarkable progress between May 2012 and May 2017. All in, CBMF funded the establishment of multiple entities in Houston to the tune of multiple millions of dollars for the purpose of acquiring technology from U.S. companies, specifically Trelleborg. CBMF on their Chinese language website ironically highlights how CBMF would provide a “high-quality product quality, excellent service, original technology, completely independent intellectual property rights.” This effort ultimately resulted in the hire of Samueal Ogoe (his LinkedIn profile showed his employment with Trelleborg) and Gang Liu (a Chinese national, lawful permanent resident in the U.S.). Both brought with them their knowledge of a “syntactic foam,” a light material used in both commercial and military uses to include marine and space. They both also spirited documents away from Trelleborg on their way out the door. So complete was the theft of Trelleborg’s technology that CBMF was able to build from scratch a competitive manufacturing facility, operationalizing the stolen intellectual property. Indeed, the test results from Trelleborg’s R&D allowed CBMF to leapfrog ahead of Trelleborg in making additional advances. Such was the success enjoyed by CBMF that the chairman of CBMF, Qu Longkui, directed Shi to engage Trelleborg, strengthen the ties to Trelleborg and offer them an exclusive opportunity to purchase CBMF’s spheres at a price one-half of what Trelleborg was currently manufacturing their spheres. Trelleborg visited CBMF in China and noted their surprise at how CBMF had been able to develop quality products. They apparently were not yet aware they were now competing against their own technology.FBI stingIn April 2017, two unidentified companies, acting on behalf of the FBI, contacted Shi and Bo and provided an opportunity to bid on a “next generation of commercial Remote Operated Vehicles.” Shi and Bo jumped at the opportunity, and the hook was set. On May 23, 2017, the two made a presentation in Washington, D.C. During the presentation, Shi boasted about his company’s advanced technology and the fact that the spheres that his company would produce in support of the opportunity would be prohibited for export. And with these two facts being presented, the FBI arrested Shi and Bo for violation of f 18 U.S.C. § 1832 (Theft of Trade Secrets). Related content news analysis China’s MSS using LinkedIn against the U.S. The head of the U.S. National Counterintelligence and Security Center says China's MSS is using social networks, specifically LinkedIn, to target, access, and recruit U.S. sources. By Christopher Burgess Aug 31, 2018 4 mins Social Engineering Cybercrime Security news analysis Tesla insider with expired NDA spills the tech beans A former Tesla engineer with an expired non-disclosure agreement (NDA) shared inside technical information on an obscure forum, which was quickly shared across multiple social media platforms. By Christopher Burgess Aug 30, 2018 3 mins Risk Management Security news analysis Horizon Air tragedy highlights airline insider threat vulnerability The ease at which a Horizon Air employee was able to steal and crash a Bombardier Q400 turboprop will likely prompt airlines to develop an insider threat mitigation strategy to close this vulnerability. By Christopher Burgess Aug 13, 2018 4 mins Security news analysis How did the TimeHop data breach happen? Compromise of an employee's credentials, lack of multi-factor authentication, and weak insider threat analysis all played a factor in the recent TimeHop data breach in which 21 million user accounts were compromised. By Christopher Burgess Aug 10, 2018 4 mins DLP Software Analytics Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe