China used honeytraps and spying interns in industrial espionage, according to leaked French intelligence files.
One report claimed a top researcher in a major French pharmaceutical company was wined and dined by a Chinese girl and ended up in bed with her.
“When he was shown the recorded film of the previous night in his hotel room . . . he proved highly co-operative,” said an economic intelligence official.
In another case, an unnamed French company realized too late that a sample of its patented liquid had left the building after the visit of a Chinese delegation. One of the visitors had dipped his tie into the liquid to take home a sample and copy it.
Companies should do more to protect themselves from prying eyes among the 30,000 Chinese students who conduct internships in France, experts warned.
Among the most frequent methods cited by French intelligence is the so-called “lamprey technique”, which usually takes the form of an international tender for business. “The aim of the project is to attract responses from developed countries,” notes the report. When Western companies vie to respond, they are cajoled and “told to improve their technical offering”.
“Each (company) tries to outdo the other, once, twice, several times until the Chinese consider they’ve had enough.” Once key information has been gathered, the bidders are told the project has been shelved and the information is used by the Chinese to develop its own products.
A prime example was a recent multi-billion dollar tender to build China’s high-speed train. France’s TGV was a bidder. As part of the process, the French embassy in Beijing organized a six-month training course for Chinese engineers. Soon afterwards China brought out its own high-speed train remarkably similar to the TGV and Germany’s ICE train.
Another technique is the “mushroom factory”, in which French industries create a joint venture with a local Chinese firm and transfer part of their technology. Later local rivals emerge, “offer identical products and are run by the Chinese head of the company that initiated the joint venture”. A third technique is to turn the tables on a foreign firm by accusing it of counterfeiting. Schneider Electric was taken to court over a hook in its fuse box, which it patented in 1996. Its Chinese rival Chint started building the same hook, took Schneider to court in China for copying its design and Schneider was ordered to pay a $49.5 million.
Renault, the French carmaker is embroiled in an espionage scandal involving three top executives over allegations they were paid to hand over car secrets to a Chinese firm.
U.S. surveillance. The Obama administration, once again, is reaching farther than its predecessor on electronic surveillance. Now it wants a law requiring internet service providers to keep logs of their customers on the web — all of them, not suspected bad actors — just in case the government may want the data. Lots of ISPs keep logs already, but the government is trying to ensure that you can’t find one that offers greater privacy. This is not different in concept from requiring hotels and restaurants to install microphones and video recorders in every public space, lest the country’s 30 million existing surveillance cameras miss a spot. The Justice Department’s Jason Weinstein told Congress the proposed new law is — no, really — good for privacy:
… malicious cyber actors do not respect our laws or our privacy. The government has an obligation to prevent, disrupt, deter, and defeat such intrusions…Privacy interests can be undercut when data is not retained for a reasonable period of time, thereby preventing law enforcement officers from obtaining the information they need to catch and prosecute those criminals.
Can you spot the logical elision here? Surveillance is usually justified by reference to pedophiles and cyber spies, but most of the government’s data mining — involving hundreds of thousands of secret requests each year — do not even assert a reasonable suspicion that a customer has done anything wrong. The post-Patriot Act legal standard requires only that authorities can plausibly describe the information as “relevant to” an investigation. Authorities acknowledge that an enormous number of innocent Americans have had their private data swept up and stored (usually forever) in government archives.
Chinese cyber-spying. Government sponsored hackers in China appear to have impersonated National Journal‘s Bruce Stokes in a spear-phishing email attack on US diplomats. It’s a new twist on an old scheme, and it’s a reminder that you can’t assume the person on the “From” line is who he says he is:
The e-mails that seemed to come from Stokes contained a virus that, if opened, would have burrowed an electronic tunnel to the host computer, letting the intruder root around in the owner’s files and siphon off copies.
A minimum precaution: keep your anti-malware protections up to date, and install security updates for all your software as soon as they arrive.
Why I’ll Probably Be Locked Out of Facebook Soon. Facebook means well with its new security plan, which authenticates suspicious log-on attempts by asking users to identify photos of their friends. But there are “friends” and friends. Readers of my book on Dick Cheney often friend me, and I couldn’t name one of them by sight. And what about all those friends of yours whose profile pictures are babies and animals? Pick ten random names from your friends list. Could you pass Facebook’s new test?
New York – According to intelligence agencies, China is enlisting beautiful women for corporate espionage in the West. How does the dreaded “honeytrap” method work?
According to leaked French intelligence files, China has been employing beautiful female spies — the dreaded “honeytrap” method — and blackmail to steal business secrets from French executives. And it wouldn’t be the first time that China has used such tricks to gain access to privileged information. Here, a brief guide:
How does the “honeytrap” work? A beautiful woman wines, dines, and even beds a mark to get information from him, a la many a Bond flick. The French intelligence reports cite a case in which a young Chinese woman slept with a top French researcher at a major pharmaceutical company, a man unaware that she was a spy and that the encounter had been videotaped. “When he was shown the recorded film of the previous night in his hotel room… he proved highly cooperative,” says an intelligence official.
Have other countries fallen victim to Chinese “honeytraps”? Yes, in early 2010, Britain’s MI5 accused the Chinese government of using honeytrap schemes to hack into corporate British computer networks. Two years earlier, MI5 had distributed a document titled “The Threat from Chinese Espionage” to security officials, British banks, and businesses, explicitly warning executives of honeytraps and subsequent blackmail attempts: “Chinese intelligence services have also been known to exploit vulnerabilities such as sexual relationships and illegal activities to pressurize individuals to cooperate with them,” it read. “Hotel rooms in major Chinese cities such as Beijing and Shanghai which have been frequented by foreigners are likely to be bugged. Hotel rooms have been searched while the occupants are out of the room.”
What other means of espionage are the Chinese reportedly using? Other techniques cited by French intelligence officials include the “lamprey” and the “mushroom factory.” The lamprey technique involves soliciting business proposals from Western countries, and then rejecting the applications, telling bidders that they need “to improve their technical offering”; the Chinese then use what they’ve learned from the bids to develop their own products. In a recent incident, France’s TGV bid on a proposed high-speed Chinese train project, and even arranged a six-month training course for Chinese engineers, only to watch China build its own train that looked “remarkably similar” to the TGV trains. In the mushroom factory technique, local Chinese firms partnered with French companies in a joint venture, only to be bested by local “rivals” that were actually run by the original Chinese firm. Danone, a French dairy company, reportedly fell victim to this trick.
NEWARK, N.J. — State Police have taken over security at New Jersey’s largest sewerage authority after a small hole was found drilled into the executive director’s office.
Officials say the hole would allow anyone to eavesdrop on Passaic Valley Sewerage Commission director Wayne Forrest from a storeroom below.
The embattled agency’s chief financial officer Kenneth Pengitore abruptly resigned from his $163,869-a-year job Wednesday. Forrest also fired five other employees, including the wife and brother of a former commissioner.
Forrest said the actions were necessary to restore public trust and accountability.
The resignation and terminations followed the arrests Tuesday of three top-level executives. They’re charged with official misconduct for allegedly using employees to perform personal home improvements and repairs during work hours.
The Securities and Exchange Commission was formally charged six men in an insider trading case.
The group includes Anthony Longoria, a former manager at AMD, as well as Daniel DeVore, a manager at Dell as well as Marvell consultant Winifred Jiau, Flextronics executive Walter Shimoon and two employees of investment research firm Primary Global.
Longoria, Shimoon as well as the primary Global employees were arrested in an FBI sting back in December. The original accusation involved passing on confidential product information in exchange for money to Primary Global. These new SEC charges apparently stem from new findings from an ongoing investigation as the organization alleges that Longoria, DeVore, Jiau and shimoon “obtained material, non-public confidential information about quarterly earnings and performance data and shared that information with hedge funds and other clients of PGR who traded on the inside information.” According to the SEC, the illegally provided information resulted in profits in the amount of about $6 million. “Company executives and other insiders moonlighting as consultants to hedge funds cannot blatantly peddle their company’s confidential information for personal gain,” Robert Khuzami, director of the SEC’s Division of Enforcement, said in a statement.
According to the SEC, Longoria collected more than 130,000 in consulting fees from primary Global, while DeVore was paid about $145,000, Shimoon $13,600 and Jiau $200,000. The complaint filed by the SEC asks to prevent Longoria, Shimoon and DeVore from acting as an officer or director of any registered public company, to repay any gains including interest and pay additional penalties. Similar cases in the past have also resulted in jail time.
