[ISN] Silicon Valley Concern Says It Thwarted Software Theft

From: InfoSec News (isnat_private)
Date: Mon Sep 23 2002 - 00:59:40 PDT

  • Next message: InfoSec News: "RE: [ISN] Warchalking is theft, says Nokia"

    Forwarded from: "eric wolbrom, CISSP" <ericat_private>
    
    http://www.nytimes.com/2002/09/20/technology/20SOFT.html
    
    September 20, 2002
    By JOHN MARKOFF
    
    
    SAN FRANCISCO, Sept. 19 - A Chinese software programmer was arrested
    Tuesday after a Silicon Valley company complained that he had tried to
    steal software used in seismic imaging of oil fields, company
    officials said today.
    
    The programmer, Shan Yanming, 32, has been in the United States since
    the end of April as part of a contract between the state-owned China
    National Petroleum Corporation and 3DGeo Development., a Mountain
    View, Calif., software company.
    
    Executives at the company said that the Chinese programmer, who had
    been training in the use of the company's software, was caught trying
    to use a company computer password to download company software to a
    portable computer last Thursday.
    
    At the time, the company confiscated the computer and told the
    programmer to leave the premises and return to his apartment. He was
    arrested by F.B.I. and local law enforcement officials on Tuesday at
    the San Francisco International Airport while waiting to leave the
    country.
    
    The programmer, who is in custody at the Santa Clara County Jail, has
    not yet been charged, according to an F.B.I. agent involved in the
    arrest.
    
    "He was trying to gain access to our high-end seismic imaging
    software, which is proprietary," said Dmitri Bevc, president and
    co-founder of 3DGeo.
    
    Silicon Valley companies have frequently been the target of both
    industrial and government espionage. Executives at the software
    development company said that they had discovered another Chinese
    employee from the same company trying to steal software five years
    ago, but had not reported the incident to the government.
    
    As a result of the earlier incident the company was alert to the
    possibility of theft, he said.
    
    "We were watching him," Dr. Bevc said. "We knew that a security risk
    was possible. Our engineers were watching him and they saw him start
    to do this."
    
    According to the company officials, the programmer had a software tool
    known as crack that is used to extract passwords that have been stored
    and encrypted. But they said they did not believe that the program had
    been used successfully. Instead, they said the programmer might have
    observed another employee entering the password and then copied it.
    
    3DGeo executives said they did not have any indication whether the
    attempted theft was sanctioned by the Chinese National Petroleum
    Corporation. They said the Chinese company had purchased one program
    from the company, but that the theft involved a more powerful software
    program that would typically sell for $100,000 to $200,000.
    
    F.B.I. officials said the programmer had been assigned a public 
    defender. Calls to the Chinese consulate in San Francisco were not 
    returned.
    
     
    _______________________________________________________________________
    eric wolbrom, CISSP			Safe Harbor Technologies
    President & CIO				190 Goldens Bridge Ct.
    Voice 914.767.9090 ext. 6000		Katonah, NY 10536
    Fax   914.767.3911				http://www.shtech.net
    _______________________________________________________________________
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Mon Sep 23 2002 - 03:24:37 PDT