Insider threats are a common problem for companies now increasingly reliant on computers and electronic systems, with the risk of intellectual property theft a constant worry.
For one locomotive manufacturer in Chicago, a software engineer handed the keys to the kingdom became the ultimate example of how much data can be stolen by a single individual — and where it may end up.
According to a newly unsealed federal indictment revealed by the US Department of Justice (DoJ) on Thursday, Xudong “William” Yao is currently in hiding after allegedly stealing a vast array of information belonging to his former employer.
The unnamed locomotive manufacturer hired Yao in 2014. US prosecutors say that within two weeks of starting his new job, Yao downloaded over 3,000 electronic files containing “proprietary and trade secret information relating to the system that operates the manufacturer’s locomotives.”
This was not the end of the matter. Over the course of the next six months, the software engineer allegedly continued to download and steal more files containing corporate and intellectual property.
Notably, this included nine complete copies of the company’s control system source code and the technical blueprints which described how the source code worked in depth.
While Yao pilfered the US company’s trade secrets, the engineer also reportedly accepted a job with a business in China that specializes in automotive telematics.
In February 2015, Yao was fired by the US locomotive firm for reasons that were not related to theft. In July 2015, following his dismissal, Yao made copies of the stolen data, traveled to China, and began working for his new employer. The engineer then traveled to Chicago with the stolen intellectual property in his possession before once again returning to China.
Since his last known movements, the engineer has not been traced, but US law enforcement believes Yao is on the run in the country. A federal warrant was issued in 2017, but the engineer has yet to be apprehended.
Yao is charged with nine counts of theft of trade secrets. If found and convicted, the software engineer faces up to 10 years in prison.
Earlier this month, a 64-year-old electrical engineer was found guilty of conspiring to smuggle military-grade semiconductor chips to China. The engineer and co-conspirators posed as customers to gain access to custom processors, and the physical products were then shipped to a Chinese company. The processors are used by clients including the US Air Force and DARPA.