CEO Catches Stranger After Hours, Prompting Espionage Charges

An anonymous reader shares a report: Samuel Straface thought he was the last one out the door one recent evening at the medical-technology startup he leads in suburban Boston. But as he passed a glass-walled conference room on the second floor, Dr. Straface says he saw a man he didn't recognize, sitting by himself in front of two open laptops and a tablet device. He continued walking a few steps toward the exit, but then, feeling uneasy, he turned back (Editor's note: the submitted link could be paywalled; alternative source). The man was later identified as Dong Liu, a dual citizen of China and Canada. And his after-hours computing at Medrobotics is at the center of an economic-espionage case brought by U.S. prosecutors. Mr. Liu is in federal custody, charged with attempting to steal trade secrets and trying to gain unauthorized access to the company's computer system, prosecutors said. If convicted of both charges, he could face a maximum sentence of 15 years in prison. "Mr. Liu adamantly asserts his innocence and we fully expect he'll be exonerated after a careful review of the evidence," said Robert Goldstein, Mr. Liu's defense attorney. The U.S. attorney's office for the District of Massachusetts declined to comment on the case beyond details in court records. Before his arrest, police said Mr. Liu told them he was there to discuss doing business with the company -- but Dr. Straface says no one had scheduled a meeting with Mr. Liu.

That CEO is a racist Xenophobe

[CajunArson]

"The man was later identified as Dong Liu, a dual citizen of China and Canada."

As a non-American this Dong is obviously a victim of racism -- which only exists in America -- and should be given an award for liberating information that wanted to be free from the clutches of evil racists like that CEO who DISCRIMINATED against Dong by using his brain.

You never discriminate against Dong.

[P.S. --> If that fucker had been a Russian then executing him on the spot and using it as indisputable proof that Trump committed treason in the election would be cool though. Xenophobia is only bad against some foreigners based on political convenience after all]

Re:That CEO is a racist Xenophobe

[K.+S.+Kyosuke]

You never discriminate against Dong.

Clearly that would be sexist as well.

Re: That CEO is a racist Xenophobe

Started post with "I'm sorry." Canadianism confirmed.

Re:That CEO is a racist Xenophobe

Man, people really do not get your sarcasm.

I get what he is attempting but think it comes across as ham handed and unfunny.

Paywall.

[Jahoda]

I don't understand why we have paywall-ed links on the front page.

Re: Paywall.

[ThePhish]

Look how long it took them to fix the MDSolar problem, much more serious things like paywalls are bound to take decad...

Nvm.

Re:Paywall.

[rsmith-mac]

Because often those are the original source of a story, and when doing a meta-story like this it's good journalism (and manners) to acknowledge and link to the original source.

If Slashdot doesn't link to the original source, then they're doing readers a disfavor by linking to a second-hand account. But at the same time if the original source is paywalled, then it's not going to be accessible to everyone. So linking to the original and offering an alternative link, they're both properly citing the original source and making sure a longer story is available to everyone.

Re:Paywall.

[Paradise+Pete]

You don't understand what hyphens are for either.

I thought he was just typing with an accent.

No pay wall here

[siriuskase]

https://beta.theglobeandmail.c...

Non paywalled versions

[jelwell]

A couple of sources that aren't paywalled:
https://execsecurity.com/news/...
http://www.cetusnews.com/busin...

Re:Non paywalled versions

[Tailhook]

The Internet perceives paywalls as damage and routes around them.

Stop praising China for being smart

They will be less likely to cheat next time.

Re:Stop praising China for being smart

[TWX]

I guess no one else found this funny but I chuckled.

Of course he was there for business reasons!

[hyades1]

"Mr. Liu told them he was there to discuss doing business with the company..."

Yes. Obviously. Exactly like a fox goes into a hen house to "do business" with the chickens.

Re:Of course he was there for business reasons!

[Tjp($)pjT]

Yes, as people often do business with a company by hiding in a bathroom with their feet on the toilet seat, waiting for the lights to go off, then making their way to a room with good guest WiFi, other networking and power easily accessible when they suspect no one is left in the office. Then we set up shop and probe their networks and download information, solely to prepare to do business with them. And bright and early the next day we'll be there waiting to start work with them! Yes, that has to be it!

People need to have their WiFi, and general network to offices cut-off when it is after hours. Heck, cut power to conference rooms after hours. We have sufficiently smart devices that swiping an access card could turn on lights to your office, and the power and network outlets in your office. WiFi is one of the biggest vulnerabilities to data security. Guest WiFi even more so as it is often left without a password requirement or the password is posted in conference rooms for all visitors to easily use. And often seldom if ever changes. Work smarter people. Intellectual property is one of the major items America still has significant "wealth" and contributions to the GDP.

I'm normally against overcharging

[DeplorableCodeMonkey]

But I think it's pretty clear from some of the stories about Chinese espionage that the only way we can disincentivize civilians from doing stuff like this is to completely upend their existence. Ex charge this guy with economic espionage, violating the Computer Fraud and Abuse Act and whatever else, then throw everything from criminal trespass to theft of services (if he's on the company's network).

Re:I'm normally against overcharging

You watch too many movies.

Re:I'm normally against overcharging

[Solandri]

It's worth pointing out that corporate espionage is not frowned upon in the East the way it is in the West. The prevailing attitude in East Asian countries (slowly changing) is that if you didn't take sufficient measures to safeguard your company's secrets and they got stolen, it's your own damn fault. In fact, employees are often expected to steal from competing companies when they can, and can be fired if they're ordered to conduct corporate espionage and they refuse.

This is why piracy is so rampant in East Asian countries. The concept of media being protected by law even though they lack any real protection, is foreign (again, slowly changing).

When Western countries were tripping over themselves to help China build high speed trains eagerly agreeing to conditions like doing the fabrication in China, I just shook my head at their naivete. And predictably, after China had gleaned enough knowledge to build the trains themselves - either by direct observation of the construction machines and plans, or by outright theft - they booted the Western companies out and began building the trains themselves. The Western reaction is "that's not fair!". The East Asian reaction is "how stupid can these guys be?"

Re:I'm normally against overcharging

[BlueStrat]

If he is actually in the employ of the Chinese state and is an illegal agent it's a fair bet the Chinese will do anything and everything to get him back...

Why would you think they'd do that? It's not like the Chinese value individual lives a great deal.

More than likely they'd either leave him to twist in the wind if he knows little that could hurt the Chinese government, or they'd simply have him killed while in custody by someone who has access to him and something to be blackmailed with or also otherwise in the Chinese government's employ.

Strat

Re:I'm normally against overcharging

[liquid_schwartz]

When Western countries were tripping over themselves to help China build high speed trains eagerly agreeing to conditions like doing the fabrication in China, I just shook my head at their naivete. And predictably, after China had gleaned enough knowledge to build the trains themselves - either by direct observation of the construction machines and plans, or by outright theft - they booted the Western companies out and began building the trains themselves. The Western reaction is "that's not fair!". The East Asian reaction is "how stupid can these guys be?"

To be fair most citizens and employees fully expected the Chinese to steal the plans and copy the trains and were generally these deals. The CEOs who got paid well to sell out the company are almost as guilty as the Chinese. Certainly accomplices. The politicians who turn a blind eye to forced technology transfers should be punished as well.

Computer security.

[Gravis+Zero]

Honestly, if you are in a field that is competitive enough where others would want to copy your work, you should at least take the proper measures to ensure that somebody cannot just walk in the building and access your data. Your drives should be encrypted at the very least.

Re:Computer security.

Read TFA:

"He gave inconsistent answers when questioned by police about how he got into the building, which is secured 24 hours a day and requires a key card to gain entrance, court papers said."

Re:Doesn't surprise me...

[GameboyRMH]

Came here to post that he wouldn't have got a second look if he was wearing a hardhat and reflective vest. Yes, even on the computers.

Re:Subscribe to read more!

Yeah both links supplied by the editors are paywalled. I found this though:

http://www.cetusnews.com/business/CEO-Catches-Stranger-After-Hours--Prompting-Espionage-Charges.HJg30svCq-.html

Newspaper Headline

[TexasDiaz]

Am I the only one who can foresee the best newspaper headline: "Chinese Dong caught 'doing business' behind Laptop" I'm just saying...

Dual citizen of China & Canada?

[thomastan]

You cannot get dual citizenship with China. Is this article accurate/believable?

Re:Dual citizen of China & Canada?

are you sure?

From wikipedia(https://en.wikipedia.org/wiki/Nationality_law_of_the_People's_Republic_of_China#Loss.2C_termination_and_renunciation_of_nationality):

"Also, Article 9 explicitly states that only Chinese nationals residing abroad who voluntarily acquires another country's citizenship shall be deemed as forfeiture of Chinese nationality. As a result, a Chinese national residing in China with no permanent residency in any foreign countries who obtains economic citizenship in another country does not lose Chinese nationality."

meaning if you buy your 2nd nationality then you do not need to forfeit your chinese nationality.

also for example: http://ipdpropertygroup.com/ci...

Re:"There for a meeting"

[dysmal]

https://www.csoonline.com/arti...

As the article stated, the CEO (Straface) was the last one out of the building which implies it's late (7pm? 8pm?). Regardless, if you're in an office to meet with someone and you notice that no one else is around after 2.5 hours, that's usually a sign that your meeting has been canceled!

Misread Title

[Herkum01]

Looking at the title I read it as CEO was caught downloading "Stranger After Hours" as a TV show being leaked online.

No more business as usual

[LeftCoastThinker]

The US needs to make China aware that this state sponsored economic terrorism will no longer be tolerated. I vote that every time there is a theft of US technology, we VOID $10 billion (minimum) of US treasuries held by China. Make it $50 billion if it is a military contractor. If they want to steal our technology, they are going to pay out the ass for it. If they run out of US debt, start putting a 1% tariff on all goods imported for a year, per incident. Watch companies start to flee China as the cost of producing goods there to import to the US skyrockets while the Chinese economy craters.

We cannot survive as a nation with the parasite of China continuously stealing our manufacturing, manipulating trade deficits and now stealing our technology. We either have to change or we are going to collapse.

And to all you globalists out there rooting for the US to fail, I hope you like living under a jack booted dictatorship with zero freedom and can speak Russian or Mandarin, because that is what will happen to you about 10 days after a US collapse.

Re:No more business as usual

[wickerprints]

While I agree with the principle of some form of financial/economic penalty along the lines of what you propose, I am unclear as to how this could be implemented effectively.

The problem with simply voiding any US debts to China (or any other sovereign nation) because we catch their agents committing corporate or military espionage, at least in my own naive understanding, is that it basically sends a signal to the world that the repayment of our debts is conditional and uncertain: should the US government simply decide "we don't like something you're doing so we will refuse to pay you back," this would have clear repercussions with respect to the ability for the US to borrow money. It's a bit like saying that because Volkswagen was caught manipulating vehicle emissions in some of their models, you don't have to pay back the loan on your vehicle whose emissions are compliant and therefore whose market value was not affected. There's no contractual basis for that unilateral decision on the borrower's part.

But again, I absolutely agree that such flagrant actions (and let's be real here, there is and has been widespread and pervasive and extremely successful corporate espionage committed by China for decades) should be punished so severely that it should cost significant amounts of money to ensure mere compliance. I just don't know how it could be done.

Re:No more business as usual

[swb]

The sword of Damocles works because it hangs, not because it falls.

The *potential* for voiding Chinese holdings of US treasuries should be held over them not because it's effective in any small case, but because it's an existential threat against any large-scale Chinese sell-off or other manipulation based on them.

We could void them selectively if we wanted, but ultimately the market would just price in that risk and raise interest rates.

Re:No more business as usual

[tlhIngan]

The sword of Damocles works because it hangs, not because it falls.

The *potential* for voiding Chinese holdings of US treasuries should be held over them not because it's effective in any small case, but because it's an existential threat against any large-scale Chinese sell-off or other manipulation based on them.

We could void them selectively if we wanted, but ultimately the market would just price in that risk and raise interest rates.

That's exactly what happens. Right now, people love US debt because in general, the US is a very trustworthy country that will repay the debt.

Threaten to invalidate that debt (i.e., fail to repay) and the US goes from "trustworthy" to "banana republic" - think of other countries failing to repay debt (like say, Greece). This means any time the US wants to borrow money, people will require a higher interest rate just because they're not sure the US will repay it.

It's just like a credit rating - most first world nations are generally quite good - AAA+ or so, which means they're low risk, and thus low interest. But it's a great place to park money you're not using - a safe investment and it also gets money flowing and economy humming. But do something like fail to pay a debt, or threaten to do so and you lose the nice credit rating and creditors will demand more money to cover the risk.

Yes, even personal loans work this way - that's why there are companies like Equifax making lots of money storing your credit history - the repayment rate is what determines if the bank will let you have the loan.

Re:"There for a meeting"

[bobbied]

The article I found on it (not WSJ) didn't give a time but it sounds like it was fairly late, and this guy is sitting alone in a conference room with multiple devices downloading files from the corporate network. I don't think the "I was just there for a meeting" defense is going to go very far.

This is horrible security on a number of levels...

Physical - How does an unauthorized person even get past the reception lobby and into a conference room? For Pete's sake people, don't let strangers wonder around the office by themselves. It's dangerous on sooo many levels.

Network - What kind of network security do you have? NOBODY, including your own employees should be able to just walk in and plug something into your network and get anything beyond an internet connection (if that). Personally, I'd dump any rouge device that pops up on my corporate LAN into purgatory. No connection for you! Beyond the "guest" network, I'd require authentication for network access.

If this story is true, this company has some serious security holes.

Re:"There for a meeting"

[TWX]

I'm curious what security camera footage, if any, will reveal about the defendant's arrival and movements through the building.

If he took advantage of the bustle at the end of the workday to slip-in and then hid for a time where he would be unlikely to be stumbled upon then he's screwed.

Re:"There for a meeting"

[AntronArgaiv]

Except...they caught the guy. Might actually help us learn more about how the Chinese do economic espionage, because they got his computers, too.

15 years max sounds on the light side. But it's Federal, which means no parole. This is totally theoretical, anyway, since if Dong is convicted, the Chinese will immediately arrest and convict a random US diplomat and then swap him for Dong.

Compatible with the Harvard Business School method

[Ungrounded+Lightning]

The CEOs who got paid well to sell out the company are almost as guilty as the Chinese.

It's right in line with a career building move for denizens of the C-suite (CEO, COO, CFO, CTO, ...) that is often attributed to the teachings of the Harvard Business School (though graduates of other business schools have also been seen to execute it). It works like this:

1. Join the company as the new, or turnaround, CEO (or whatever). Get a big package of stock options (a "free" leveraged investment that pays off drastically if, and only if, the stock price rises.)
2. Dump the R&D and other preparation for future products (and any personnel working on them). Perhaps also make some cuts in customer support for current products, cheapen the product, cut infrastructure maintenance, etc.. This drastically cuts expenses while not (initially) affecting revenue, boosting the "bottom line" of the financial statements.
3. Announce the big boost in profits at a few quarterly reports and the investor/financial media phone conferences. The stock price soars, as does the executives' reputation as a corporate administration wizard.
4. Select a successor (sucker), leave the company, and cash out the stock options. (PROFIT!) Of course cashing out when leaving is viewed as prudent, since the company will now be run by somebody else the way THEY feel like running it.
5. Rinse and repeat at your next company. Meanwhile, your successor is in charge, and catches the blame, when the house of cards collapses.

The scam depends on the benefits being immediate and the damages, though bigger, being delayed.

Moving production to China (or some other offshore sites), with its far lower costs but track record of expropriation of trade secrets (which takes a while to spin up into a competing product) has exactly the same structure.

Of course it's a breach of fiduciary duty for officers of a corporation to do this. But they can make it LOOK like they're being responsible by taking advantage of the drastically lower production prices to "maximize investor value".

Until enough investors catch on to this, and both the markets and stockholder meetings shift to make this a losing strategy for executives (or regulators pick up on it ditto), expect it to continue.