Recent United States Department of Justice (“DOJ”) indictments of Chinese hackers provide a reminder that trade secrets and other intellectual property stored on databases are attractive targets to bad actors. The DOJ announced that seven international defendants were charged in connection with computer intrusion campaigns impacting more than 100 victims in the United States and abroad.

The victims of the cyberattacks included software development companies, computer hardware manufacturers, telecommunications providers, social media companies, video game companies, non-profit organizations, universities, think tanks, and foreign governments. The hacking facilitated the theft of source code, software code signing certificates, customer account data, and other valuable business information. These cyberattacks also enabled the defendants’ other criminal schemes, including ransomware attacks and “crypto-jacking” schemes, which involve the unauthorized use of victim computers to “mine” cryptocurrency.Continue Reading DOJ Indictment of Chinese Hackers for Break-Ins at 100 Companies Reinforces The Importance of Protecting Trade Secrets and Implementing Security Protections

This week, the U.S. government continued its enforcement activity against Chinese government-sponsored trade secret theft, indicting two Chinese hackers for allegedly stealing data from 25 domestic and international companies, including targeting those now researching COVID-19 testing, vaccines, and treatment. The two defendants had allegedly acquired hundreds of millions of dollars worth of trade secrets and other valuable business information across a span of nearly eleven years. This announcement follows in the wake of the indictment of Dr. Charles Lieber, a former Harvard professor, who allegedly lied about his participation in China’s “Thousand Talents Plan,” a program that has been accused of facilitating the stealing of American trade secrets. Our coverage of that indictment is here.

On Tuesday, July 21, 2020, the U.S. Department of Justice (“DOJ”) announced charges against Li Xiaoyu and Dong Jiazhi in the Eastern District of Washington, alleging that they hacked the computer networks of 13 United States and 12 international companies in industries ranging from high tech manufacturing and medical device engineering to solar energy and pharmaceuticals, all between September 2009 and July 2020.
Continue Reading DOJ Targets Chinese Hackers for Stealing United States Trade Secrets

On May 22, the Eleventh Circuit clarified trade secrets misappropriation analysis under the Florida Uniform Trade Secrets Act (“FUTSA”), strengthening the trade secret protection offered by the statute. The decision vacated a magistrate judge’s finding that the defendants had not misappropriated trade secretes following a bench trial in the Compulife Software Inc. v. Newman et al. matter (No. 18-12004). The court found error in the magistrate’s failure to “consider the several alternative varieties of misappropriation” contemplated by FUTSA and the magistrate’s reasoning that the public availability of life insurance quotes on the plaintiff’s website “automatically precluded a finding that scraping those quotes constituted misappropriation.”

“At its essence, it’s a case about high-tech corporate espionage,” Circuit Judge Kevin C. Newsom’s opinion begins. The plaintiff, Compulife Software Inc. (“Compulife”), sells access to its online database of insurance premium information, which synthesizes publicly available insurers’ rate tables using Compulife’s proprietary method and formula. Compulife also provides life insurance quotes sourced from its online database. The database itself is valuable because it consistently updates with current information about life insurers’ rate tables and allows for direct comparison across dozens of providers. Compulife licenses access to the database to its customers—primarily insurance agents who in turn seek to provide reliable insurance rate estimates to policyholders. In direct competition with Compulife, the defendants likewise generate life insurance quotes through their various websites.Continue Reading Eleventh Circuit Solidifies Protection of Trade Secrets Threatened By “High-Tech Corporate Espionage” Under Florida’s Trade Secret Law

The COVID-19 crisis has presented an array of novel issues for companies, including new and unexpected cybersecurity threats. In addition to the now well-known security limitations of video platforms such as Zoom, we are seeing cyber-attacks in the form of COVID-19 related phishing attempts and ransomware attacks. In at least some of these attempted hacks, cybercriminals are hoping to steal trade secrets.

  • Cybercriminals are taking advantage of the novel at-home working environment and the increased fear and uncertainty surrounding the pandemic to launch malware and phishing attacks related to COVID-19.
  • Employees may be more likely to click a link or open an attachment, even though they would never consider doing so in a normal situation at work.
  • Therefore, malware may pose more of a danger than it did when employees primarily accessed their email over their employers’ traditionally more protected systems.
  • Companies should consider putting employees on notice about the COVID-19 related phishing attempts and provide examples of common scams.

Continue Reading COVID-19 and the Unique Opportunity for Phishing