Category Archives: China aggression

Tech Companies Filed Amicus Brief, Supports Foreign Workers

Posted on by

Amicus Brief Tech companies This is an employment epidemic across the nation where companies sponsor foreign national for domestic jobs, leaving thousands to train their replacements. We have not addresses how many could be purposely placed for industrial espionage.

Related reading: China’s Best Method of Industrial Espionage

***

Apple, Google, Microsoft pile in: 97 US tech firms file brief against Trump’s travel ban

In part from ZDNet: Immigrants or their children founded 200 US companies that generate $4.2 trillion in annual revenues, the brief highlights, among them Apple, AT&T, and Google, as well as Ford, General Electric, McDonald’s, Boeing, and Disney.

“Businesses and employees have little incentive to go through the laborious process of sponsoring or obtaining a visa, and relocating to the United States, if an employee may be unexpectedly halted at the border.

“Skilled individuals will not wish to immigrate to the country if they may be cut off without warning from their spouses, grandparents, relatives, and friends. They will not pull up roots, incur significant economic risk, and subject their family to considerable uncertainty to immigrate to the United States in the face of this instability.” Full article here.

***

The H1-B visa program has a cap to the number allowed to be issued. It is a visa program that needs more scrutiny by Congress for the sake of American employees. There have been abuses to the program and further companies like Disney hire foreign nationals to replaced domestic employees driving down the salary costs.

Janet Napolitano, the former Secretary of the Department of Homeland security and now the president of the University of California system knows it all so well and how to work the system.

In part from the LATimes: Using a visa loophole to fire well-paid U.S. information technology workers and replace them with low-paid immigrants from India is despicable enough when it’s done by profit-making companies such as Southern California Edison and Walt Disney Co.

But the latest employer to try this stunt sets a new mark in what might be termed “job laundering.” It’s the University of California. Experts in the abuse of so-called H-1B visas say UC is the first public university to send the jobs of American IT staff offshore. That’s not a distinction UC should wear proudly. Full op-ed here.

*** One of 5 huge examples beyond California is:

Pfizer Connecticut R&D

In 2008, workers at pharmaceutical giant Pfizer’s New London and Groton (Connecticut) research and development campus raised the alarm: They were being replaced by Indian workers on H-1B visas and forced to train their replacements. Those outsourced workers were scheduled to return to India, where they will run the same systems as their U.S. counterparts, albeit at a cheaper rate and with diminished benefits. The move was part of an outsourcing agreement signed in 2005 between Pfizer, Infosys Technologies and Satyam Computer Services. More here.

***

A 100 page Joint Venture report for tech companies includes the following text:

Foreign-Born Residents

Silicon Valley has an extraordinarily large share of residents who are foreign born (37.4%, compared to California, 27.1%, or the United States, 13.3%). This population share increases to 50% for the employed, core working age population (ages 25-44), and even higher for certain occupational groups. For instance, nearly 74% of all Silicon Valley employed Computer and Mathematical workers ages 25-44 in 2014 were foreign-born. Correspondingly, the region also has an incredibly large share of foreign-language speakers, with 51% of Silicon Valley’s population over age five speaking a language other than exclusively English at home (compared to 43% in San Francisco, 44% in California, and 21% in the United States as a whole). This majority share in 2014 was up from 49% in 2011.

*** The Senate held a hearing in 2015 with a few former employees that were forced to train their foreign replacements. Many of these employees are paid a severance package but it also includes a major stipulation to remain mute on the topic as noted below:

My former company, a large utility company, replaced 220 American IT workers with H-1Bs…we would have to train them in order to receive our severance packages. This was one of the most humiliating situations that I have ever been in as an IT professional.

The whole IT department was going through the same fate as myself. Those were the longest and hardest five months of my life. Not only did I lose a work family, but I lost my job and my self-esteem. We had constant emails sent by HR that we could not talk about this situation to anyone or make posts to social media. If we did, we would be fired immediately and not get our severance. Read the full article here.

 

Cruz and Poe Introduce Legislation for States to Reject Refugees

Posted on by

There is some additional help coming from the Trump administration as President Trump is likely to issue and sign executive order on immigration that will impact visa holders from Iraq, Iran, Libya, Somalia, Sudan, Syria and Yemen. These are worn torn countries where hostilities continue with terror organizations. An issue that still remains however that Trump has not addressed is the asylum seekers.

S. 2363 (114th): State Refugee Security Act of 2015

A bill to amend the Immigration and Nationality Act to permit the Governor of a State to reject the resettlement of a refugee in that State unless there is adequate assurance that the alien does not present a security risk and for other purposes. The 2 page text is here.

New bill from Cruz, Poe would let states reject refugees

WT: Republicans in the House and Senate have introduced legislation that would give governors the power to reject federal efforts to resettle refugees in their states.

The bill from Sen. Ted Cruz and Rep. Ted Poe, both of Texas, is a reaction to years of growing GOP frustration with the Obama administration’s aggressive effort to take in refugees and resettle them across the country. Republicans continue to have doubts that refugees can be vetted to ensure they aren’t Islamic State terrorists.

The State Refugee Security Act would require the federal government to notify states at least 21 days before they seek to settle a refugee. Under the bill, if a state governor certifies that the federal government hasn’t offered enough assurances that the refugee does not pose a security risk, the state can block the resettlement effort.

Poe said the Obama administration’s “open door policy” has forced states to take on refugees without these guarantees, and said states need a way to opt out.

“Until the federal government can conduct thorough security screenings and confirm that there are no security risks, Congress should empower states to be able to protect their citizens by refusing to participate in this program,” he said.

Cruz said the first obligation of the president is to keep Americans safe, and said the bill would be a step in that direction.

“I am encouraged that, unlike the previous administration, one of President Trump‘s top priorities is to defeat radical Islamic terrorism,” he said. “To augment the efforts of the new administration, this legislation I have introduced will reinforce the authority of the states and governors to keep their citizens safe.”

****

The Trump White House also has not addressed the issue of criminal deportation of foreign nationals. Each foreign inmate is known to cost the taxpayer an estimated $21,000 per year. Enforcement and removal operations of those illegal foreign nationals now falls to the newly confirmed DHS Secretary Kelly.

FY 2015 ICE Immigration Removals

In addition to its criminal investigative responsibilities, ICE shares responsibility for enforcing the nation’s civil immigration laws with U.S. Customs and Border Protection (CBP) and U.S. Citizenship and Immigration Services (USCIS). ICE’s role in the immigration enforcement system is focused on two primary missions: (1) the identification and apprehension of criminal aliens and other removable individuals located in the United States; and (2) the detention and removal of those individuals apprehended in the interior of the U.S., as well as those apprehended by CBP officers and agents patrolling our nation’s borders.

In executing these responsibilities, ICE has prioritized its limited resources on the identification and removal of criminal aliens and those apprehended at the border while attempting to unlawfully enter the United States. This report provides an overview of ICE Fiscal Year (FY) 2015 civil immigration enforcement and removal operations. See FY 2015 ICE Immigration Removals Statistics

Expectations of a quick solution and immediate movement to address the immigration matter are misplaced as this will be a long slog of an operation and will take the coordination of several agencies including the U.S. State Department which is presently operating without a Secretary until Rex Tillerson is confirmed and sworn in. The fallout will include a diplomatic challenge which is many cases does need to occur, however other nations such as China and Russia will step in to intrude on the process including those at the United Nations level, falling into the lap of the newly confirmed U.S. Ambassador to the United Nations, Nikki Haley.

Cruz: Obama ‘rolled over’ on hacking and Trump gets Advice

Posted on by

He is right and the proof most recently was in February of 2016, with the posted Executive Orders.

WASHINGTON — Through two executive orders signed Tuesday, President Obama put in place a structure to fortify the government’s defenses against cyber attacks and protect the personal information the government keeps about its citizens.

The orders came the same day as Obama sent to Congress a proposed 2017 budget that includes $19 billion for information technology upgrades and other cyber initiatives.

In September of 2015, Obama held a meeting on cyber with China’s Xi. Perhaps there was no formal sanction or punishment of China due in part to the U.S. debt they hold. Obama also held meetings with key Congressional leaders in 2015 on the issue of cyber. Going back to 2013, Obama held sessions with corporate CEO’s to discuss efforts to improve cybersecurity amid growing concerns within the administration over attacks from China targeting American businesses.

The president will discuss efforts to address the cyber threat facing the country and get the executives’ feedback on how the government and private sector can forge a relationship to improve cybersecurity in the United States, according to The White House. The meeting will be held in the Situation Room and attendees include AT&T CEO Randall Stephenson and Northrup Grumman CEO Wesley Bush.

Not until February of 2016, did Obama launch the Cybersecurity National Action Plan which was headed by Tom Donilon, his National Security Advisor and Sam Palmisano, former CEO of IBM. There was no traction and given the recent cyber intrusions, there is likely a LOT of ‘ooops’ coming from the White House and should. No corporation, bank, government agency or other private entity ever wants to publically announced they have been hacked or their vulnerability, as it only invites more cyber chaos but the United States including top government agencies and the White House along with the State Department have all been victim of both Russian and Chinese cyber attacks of various forms.

***

Sen. Ted Cruz says he hopes the incoming Trump administration is tougher on dealing with cyberattacks than the “weakness” he saw from President Obama on hacking by Russia and other foreign adversaries.

“One of the reasons these cyberattacks are so prevalent is that Barack Obama and his administration have rolled over for eight years,” Cruz said Thursday on “The Mike Gallagher Show.”

“They have shown nothing but weakness and appeasement in the face of those attacks. This is something I hope and believe will change with the new administration,” he said.

Cruz insisted neither Russian hacking nor WikiLeaks revelations last year about the Democratic Party significantly influenced Donald Trump’s victory in the presidential election.

“I think that there’s no evidence whatsoever that Russia’s efforts against us, which have been longstanding, did anything to affect the campaign,” said Cruz, who competed against Trump in last year’s GOP primaries.

“It’s, frankly, patently absurd,” Cruz added of claims Russia or WikiLeaks helped Trump win. “You can’t credibly argue that [WikiLeaks’] disclosures impacted the election because most voters never heard it.” More here from TheHill.

****

Task Force Issues Cybersecurity Advice to Donald Trump

‘From Awareness to Action: A Cybersecurity Agenda for the 45th President’

A task force co-chaired by two U.S. lawmakers and a former federal CIO is issuing a 34-page report recommending a cybersecurity agenda for the incoming Trump administration. The report recommends the new administration jettison outdated ways the federal government tackles cybersecurity, noting: “Once-powerful ideas have been transformed into clichés.”

The report from the CSIS Cyber Policy Task Force – From Awareness to Action: A Cybersecurity Agenda for the 45th President – will be formally unveiled on Jan. 5. It comes from the think tank Center for Strategic and International Studies, which sponsored the Commission on Cybersecurity for the 44th Presidency that made recommendations to then-President-elect Barack Obama in 2008.

“In the eight years since that report was published, there has been much activity, but despite an exponential increase in attention to cybersecurity, we are still at risk and there is much for the next administration to do,” the new report’s introduction states.

Cybersecurity Goals for Trump Administration

The task force outlined five major issues President-elect Donald Trump and his administration should address, including:

  1. Deciding on a new international strategy to account for a very different and dangerous global security environment.
  2. Making a greater effort to reduce and control cybercrime.
  3. Accelerating efforts to secure critical infrastructures and services and improving cyber hygiene across economic sectors. As part of this, the Trump administration must develop a new approach to securing government agencies and services and improve authentication of identity.
  4. Identifying where federal involvement in resource issues, such as research or workforce development, is necessary, and where such efforts are best left to the private sector.
  5. Considering how to organize the U.S. effort to defend cyberspace. Clarifying the role of the Department of Homeland Security is crucial, and the new administration must either strengthen DHS or create a new cybersecurity agency.

Ditching Outmoded Security Practices

Task force members recommend the new administration should get rid of outdated ways the federal government tackles cybersecurity. The report notes: “Statements about strengthening public-private partnerships, information sharing or innovation lead to policy dead ends. … Once-powerful ideas have been transformed into clichés. Others have become excuses for inaction.”

As an example, the task force cites the National Strategy for Trusted Identities in Cyberspace, a government initiative unveiled in 2011, which envisioned a cyber-ecosystem that promotes trust and security while performing sensitive transactions online. The task force contends NSTIC “achieved little,” asserting that such initiatives fail because they aren’t attuned to market forces. “There are few takers for a product or service for which there is no demand or for which there are commercial alternatives.”

The task force makes recommendations on dozens of policies and technologies.

On encryption, for instance, it suggests that the president develop a policy that supports the use of strong encryption for privacy and security while specifying the conditions and processes under which assistance from the private sector for lawful access to data can be required. It also states that the president should direct the National Institute of Standards and Technology to work with encryption experts, technology providers and internet service providers to develop standards and ways to protect applications and data in the cloud and provide secure methods for data resiliency and recovery.

“Ultimately,” the report says, “encryption policy requires a political decision on risk. Untrammeled use of encryption increases the risk from crime and terrorism, but societies may find this risk acceptable given the difficulty of imposing restrictions. No one in our groups believed that risk currently justifies restrictions.”

Battling Cybercrime

In battling cybercrime, the task force sees “active defense,” a term it says has become associated with vigilantism, hack back and cyber privateers, as only a stopgap measure to address the private sector’s frustration over the apparent impunity of trans-border criminals. The Trump administration should seek ways to help companies move beyond their traditional perimeter defenses and focus on identifying federal actions that could disrupt cybercriminals’ business model or expand the work of federal agencies and service providers against botnets, according to the report.

To make cybercrime less profitable, the task force recommends the new administration identify actions that would impede the monetization of stolen data and credentials. Other recommendations include accelerating the move to multifactor authentication and identifying better ways to counter and disrupt botnets, a growing risk as more devices become connected to the internet. The task force says this could be done by expanding the ability to obtain civil injunctions for use against botnets and raising the penalties for using botnets against critical infrastructure.

The role of the military to protect civilian critical infrastructure turned out to be among the most contentious issues the group debated. A few task force members said that the Defense Department should play an expanded and perhaps leading role in critical infrastructure protection, according to the report. Most members, though, believed that this mission must be assigned to a civilian agency, not to DoD or a law enforcement agency such as the FBI.

“While recognizing that the National Security Agency, an element of DoD, has unrivaled skills, we believe that the best approach is to strengthen DHS, not to make it a ‘mini-NSA,’ and to focus its mission on mitigation of threats and attacks, not on retaliation, intelligence collection or law enforcement,” the report states.

Organizing Government Cybersecurity

DHS is the focal point in cybersecurity protection among civilian agencies as well as civilian-led critical infrastructure. The task force recommends that an independent agency be established within DHS focused exclusively on cybersecurity.

The task force says Trump should quickly name a new cybersecurity coordinator and elevate the White House position two notches to assistant to the president from special assistant to the president. Also, the group says Trump should back away from his pledge to conduct a cybersecurity review, as was done at the beginning of the Obama administration.

The task force co-chairs are:

  • Rep. Michael McCaul, R-Texas, chairman of the House Homeland Security Committee and co-founder of the Congressional Cybersecurity Caucus;
  • Sen. Sheldon Whitehouse, D-R.I., sponsor of legislation to require federal law enforcement and national security agencies to account for cyberattacks;
  • Karen Evans, a cybersecurity adviser to the Trump transition team who’s national director of the U.S. Cyber Challenge and formerly served as White House administrator for e-government and information technology, a position now known as U.S. CIO; and
  • Sameer Bhalotra, co-founder and CEO of the cybersecurity startup Stackrox and a senior associate at CSIS.

CSIS Senior Vice President James Lewis, the think tank’s cybersecurity expert, served as the task force project director.

How bad is it?

USAToday:

Exhibit A: The Social Security Administration system still runs on a platform written in the 1960s in the COBOL programming language, and takes 400 people just to maintain, Obama said.

“If we’re going to really secure those in a serious way, then we need to upgrade them,” Obama told reporters Tuesday after meeting with advisers on the issue. “And that is something that we should all be able to agree on. This is not an ideological issue. It doesn’t matter whether there’s a Democratic President or a Republican President. If you’ve got broken, old systems — computers, mainframes, software that doesn’t work anymore — then you can keep on putting a bunch of patches on it, but it’s not going to make it safe.”

To implement those upgrades, Obama created two new entities Tuesday: The first, a Commission on Enhancing National Cybersecurity, will be made up of business, technology, national security and law enforcement leaders who will make recommendations to strengthen online security in the public and private sectors. It will deliver a report to the president by Dec. 1.

The second, a Federal Privacy Council, will bring together chief privacy officers from 25 federal agencies to coordinate efforts to protect the vast amounts of data the federal government collects and maintains about taxpayers and citizens.

Obama’s cybersecurity adviser, Michael Daniel, said the structure allows the administration to move forward even without additional authority from Congress by “driving our executive authority to the limit.”

The administration’s plan will look at cybersecurity both inside and outside the government. There will be more training and shared resources among government agencies, 48 dedicated teams to respond to attacks, and student loan forgiveness to help recruit top technical talent.

But the will plan also promote better security practices throughout the economy, by encouraging through multi-factor authentication that uses additional information in addition to a password. The government is also looking to reduce its use of Social Security numbers the unique identifier for all Americans.

Across the government, the Obama administration wants to spend $19 billion on cybersecurity in 2017, a 35% increase over 2016. But the plan does not rely on an increase in funding. “We can do quite a bit of it even without the additional resources,” Daniel said.

The White House said it also plans to create the new position of Chief Information Security Officer to coordinate modernization efforts across the government, including a a $3.1 billion Information Technology Modernization Fund. “That’s a key role that many private-sector companies have long implemented, and it’s a good practice for the federal government,” said Tony Scott, the U.S. Chief Information Officer.

The president is expected to meet with national security advisers Tuesday morning to launch the new effort.

Cyber Hacking Tools for Sale on Underground Network

Posted on by

Executive Editor Fionnuala Sweeney sits down with Steve Grobman, Chief Security Officer with the Intel Security Group. When it comes to America’s security in the cyberspace, the U.S. government and the private sector haven’t always seen eye to eye.

****

Stop the denial about Russian intrusion…..how about taking the United States out of the debate and examine other countries… you must also remember that all payments and or salaries are often paid for using Bitcoin….un-traceable. Have you thought about Islamic State migrating to hacking operations using ransomware?

****

Brit cyber warriors fight off two hacking attempts against the state every day

The National Cyber Security Centre has foiled 86 attacks in its first month – most of which are suspected to have come from China, North Korea, Russia, Iran and criminal gangs

Cyber warriors are fighting off more than two major hacking attempts against the British state every day.

Top targets include the Bank of England , the Ministry of Defence , nuclear bases, security services and infrastructure such as transport, the NHS and power systems.

Chief suspects are China, North Korea, Russia, Iran and major criminal gangs.

The National Cyber Security Centre foiled 68 major attacks in the first month after it was launched in October.

China is suspected of trying to steal technology or probing our security and finance systems while Russian is feared to be testing security and military networks.

It is believed North Korea may be doing all the above and Iran is suspected of acting for other countries, including Syria .

Retail, technology and security firms have also been hit. Senior security sources say a major theft of aerospace technology cost hundreds of millions of pounds.

It is thought cyber experts have responded to many of the attacks by hacking into systems used by the attackers. A source said: “This is the new front line.”

The NCSC was formed as part of a £1.9billion government crackdown.

At its launch Chancellor Philip Hammond said we had to hit back against “foreign actors” or face having planes grounded or being left in darkness.

Going back to 2012, was this fella part of a Kremlin authorized hack operation? If not, is he a proxy? Note what corporations and operations had cyber intrusions…

A Russian man was arrested in Cyprus last week for allegedly launching two distributed denial-of-service attacks on Amazon.com in June 2008.

Dmitry Olegovick Zubakha, a 25-year-old man from Moscow, was indicted last year by a Seattle grand jury for conspiracy to intentionally cause damage without authorization to a protected computer and possession of more than 15 unauthorized access devices.

In addition to the attack on Amazon, Zubakha was linked to similar attacks on Priceline.com and eBay.

Along with fellow hacker Sergey Logashov, Zubakha is alleged to have launched the attack using a botnet of computers under the control of multiple users. The duo brazenly took credit for the attacks on hacker forums, according to the indictment.

In addition to their denial-of-service attacks, law enforcement also traced 28,000 stolen credit-card numbers back to both men, which helped lead to the arrest.

“Amazon is willing to expend dollars and energy beyond even what can be economically justified in order to bring cybercriminals to justice,” said company spokesperson Mary Osako in a statement.

If found guilty on all charges, Zubakha could face up to 37 years in prison and $750,000 in fines. Intentionally causing damage to a protected computer with a resulting loss of more than $5,000 is punishable by up to 10 years in prison. Logashov was also charged with the same count.

The arrest in Cyprus was a complex undertaking, with the U.S. Secret Service, the U.S. Attorney’s Office for the Western District of Washington and the Seattle Police Department all working together with global officials.

“The [three agencies] talking to each other is a direct result of the birth of the Department of Homeland Security,” security consultant Robert Siciliano told the E-Commerce Times.

American authorities are seeking Zubakha’s extradition.

According to the indictment, the first of two attacks lasted four and a half hours on June 6, 2008, before Amazon was able to intervene. Amazon’s servers were working overtime, on a magnitude of between 600 and 1,000 percent of normal traffic. The second attack began on June 9 of the same year and lasted until June 12.

Zubakha was also charged with aggravated identity theft for using the credit card of a Lake Stevens, Wash.,  resident illegally.

“This defendant could not hide in cyberspace,” said U.S. Attorney Jenny A. Durkan, head of the Justice Department’s Cybercrime and IP Enforcement Committee. “I congratulate the international law enforcement agencies who tracked him down and made this arrest.”

Logashov is still at large.

 

Chinese Spy Caught Stealing Military Documents

Posted on by

If you don’t think that our country is full of foreign spies and operatives engaged in industrial espionage, perhaps this case will change your mind. One has to ask why foreign nationals are employed by domestic corporations that are government contractors in the first place.

Long Yu Criminal Complaint

Related reading: Russian Spies and Espionage in NATO and USA

Chinese National Admits to Stealing Sensitive Military Program Documents from United Technologies

Yu Long, 38, a citizen of China and lawful permanent resident of the U.S., waived his right to be indicted and pleaded guilty today in New Haven federal court to charges related to his theft of numerous sensitive military program documents from United Technologies and transporting them to China.

The announcement was made by Acting Assistant Attorney General for National Security Mary B. McCord, U.S. Attorney Deirdre M. Daly of the District of Connecticut, Special Agent in Charge Patricia M. Ferrick of the New Haven Division of the Federal Bureau of Investigation, Special Agent in Charge Matthew Etre of Homeland Security Investigations (HSI) in Boston, Special Agent in Charge Craig W. Rupert of the Defense Criminal Investigative Service (DCIS) Northeast Field Office, and Special Agent in Charge Danielle Angley of the U.S. Air Force Office of Special Investigations.

“Long admitted to stealing and exploiting highly sensitive military technology and documents, knowing his theft would benefit China’s defense industry and deliberately contravene the embargo on U.S. Munitions List technology the United States has imposed on China,” said Acting Assistant Attorney General McCord. “Export laws exist as an important part of our national security framework and disrupting and prosecuting this kind of economic espionage is one of the National Security Division’s highest priorities.”

“In an effort to further his own career, this defendant stole an extraordinary amount of proprietary military program information from United Technologies and transported much of that stolen information to China,” said U.S. Attorney Deirdre M. Daly.  “His actions, which he knew would benefit China, not only violated his employment agreement and damaged the company, but have threatened our country’s national security interests.  U.S. companies continue to be targeted by those who seek to steal intellectual property, trade secrets and advanced defense technology – whether through a computer hack or cyber intrusion, or through a rogue employee.  Working closely with our nation’s defense contractors, we will relentlessly investigate and prosecute those who steal, or attempt to steal, trade secrets and sensitive military information, whether for their own personal gain or for the benefit of foreign actors.”

“This case highlights the complexity in which the FBI and law enforcement are being challenged to keep the integrity of our industry intellectual property intact,” said Patricia M. Ferrick, Special Agent in Charge of the New Haven Division of the Federal Bureau of Investigation.  “Investigating criminal activity of this nature will continue to be a priority.”

“These sophisticated technologies are highly sought after by our adversaries,” said Special Agent in Charge Matthew Etre of HSI Boston.  “They were developed to give the United States and its allies a distinct military advantage, which is why HSI and our law enforcement partners will continue to aggressively target the individuals who steal the ideas of others and sell these items.”

“Today’s plea demonstrates the commitment of the Defense Criminal Investigative Service (DCIS) and our federal law enforcement partners to identifying those who illegally export sensitive defense information to adversarial Foreign governments,” said Craig W. Rupert, Special Agent in Charge, DCIS, Northeast Field Office.  “DCIS will continue to safeguard sensitive technology and to shield America’s investment in national defense by disrupting efforts of groups and individuals who try to illegally acquire our national security assets.”

“This case was enabled by the outstanding teamwork of the FBI, DCIS, HSI, AFOSI and the U.S. Attorney’s office,” said Danielle Angley, Special Agent-in-Charge with the Air Force Office of Special Investigations.  “In addition, it demonstrates the focus of law enforcement agencies to protect our nation’s critical resources.”

According to court documents and statements made in court, from approximately May 2008 to May 2014, Long worked as a Senior Engineer/Scientist at United Technologies Research Center (UTRC) in Connecticut. Long’s employment at UTRC included work on F119 and F135 engines. The F119 engine is employed by the U.S. Air Force F-22 Raptor fighter aircraft, and the F135 engine is employed by the U.S. Air Force F-35 Lightning II fighter aircraft.

Beginning in 2013, Long expressed his intent to individuals outside UTRC to return to China to work on research projects at certain state-run universities in China using knowledge and materials he had acquired while employed at the UTRC. To that end, Long interacted with several state-run institutions in China, including the Chinese Academy of Science (CAS) and the Shenyang Institute of Automation (SIA), a state-run university in China affiliated with CAS.

During 2013 and 2014, Long was recruited by SIA and other state-run universities, during which he leveraged information that he had obtained while working at UTRC to seek employment in China, culminating in his travel to China in the possession of voluminous documents and data containing highly sensitive intellectual property, trade secrets and export controlled technology, which he had unlawfully stolen from UTRC.

In December 2013, after Long agreed in principle to join SIA, an SIA-CAS Director and an SIA-CAS Recruiter asked Long to provide documents from his work at UTRC and examples of projects on which he had worked to substantiate the claims Long made in his application, and interview with SIA.  Long agreed.

On Dec. 24, 2013, Long emailed several documents to the SIA-CAS Director, including a document that contained the cover page of an export controlled UTRC presentation on Distortion Modeling dated Sept. 30, 2011.

While negotiating with SIA, Long also continued to explore other opportunities at other state-run institutions in China. In one email, Long stated: “I have made my mind to return to China, so have prepared a research plan based on my industry experience and current projects.” In the research plan, Long stated: “In the past five years, I have been working with Pratt Whitney, also other UTC business units, like UTAS (including Hamilton Sundstrand and Goodrich), Sikorsky, CCS (including Carrier and Fire & Security), and Otis. These unique working experiences have provided me a great starting point to perform R&D and further spin off business in China. I believe my efforts will help China to mature its own aircraft engines.”

On May 30, 2014, Long left UTRC. In June 2014, Long traveled to China and began working for SIA. Beginning in July 2014, digital evidence and forensic analysis indicated that Long brought with him and accessed in China a UTRC external hard drive that had been issued to him and that he unlawfully retained.

In July 2014, Long was listed as the project leader on a lengthy research plan for CAS involving fourteen other individuals.  The plan was replete with references to how the proposed research and development would benefit China. The plan stated: “The three major engine companies in the world, i.e. GE, Pratt & Whitney in the US and Rolls-Royce in the UK, are all using this technology. . . Our nation lacks the ability to process high performance components, such as airplane wings, tail hooks on carrier aircrafts, and blisks . . . Because of the technology embargo imposed by western developed countries, it is very difficult for us to obtain more advanced design and manufacturing technology . . . This research project will increase our independent ability, efficiency and quality in key component manufacturing.”

On or about Aug. 12, 2014, the Document on Distortion Modeling – the same document from which Long had sent the cover page to the SIA-CAS Director on Dec. 24, 2013 – was accessed on the external hard drive. Travel records and forensic analysis confirmed that both Long and the external hard drive were in China when this file was accessed.

On Aug. 19, 2014, Long returned to the U.S. from China through John F. Kennedy International Airport in New York. During a secondary inspection screening by U.S. Customs and Border Protection (CBP) officers, Long was found in the possession of a largely completed application for work with a state-controlled aviation and aerospace research center in China. The application highlighted certain parts of Long’s work related to the F119 and F135 engines while at UTRC.

On or about Aug. 20, 2014, Long emailed an individual at a university in China, attaching an updated “achievement and future plan.” In the plan, Long discussed his work related to the F119 and F135 U.S. military fighter jet engines and stated that he also had knowledge of unpublished UTRC projects in which the U.S. Air Force had shown interest.

On Nov. 5, 2014, Long boarded a flight from Ithaca, New York to Newark Liberty International Airport in Newark, New Jersey, with a final destination of China. During Long’s layover in Newark, CBP officers inspected Long’s checked baggage and discovered that it contained sensitive, proprietary and export controlled documents from another defense contractor, Rolls Royce.

Further investigation determined that the U.S. Air Force had convened a consortium of major defense contractors, including Pratt and Rolls Royce, to work together to see whether they could collectively lower the costs of certain metals used. As part of those efforts, members of the consortium shared technical data, subject to restrictions on further dissemination. Rolls Royce reviewed the documents found in Long’s possession at Newark Liberty Airport and confirmed that it provided the documents to members of the consortium, which included Pratt. Rolls Royce further confirmed that Long was never an employee of Rolls Royce. A review of UTRC computer records indicated that Long had printed the documents while employed at UTRC.

Long was arrested on a federal criminal complaint on Nov. 7, 2014. A review of Long’s digital media seized at the time of his arrest revealed voluminous files protected by the International Traffic in Arms Regulations and Export Administration Regulations, and voluminous files proprietary to various U.S. companies. In short, the investigation revealed that Long took his laptop and the UTRC external hard drive with him to China in 2014, at which time there was a substantial body of highly sensitive, proprietary and export controlled materials present on that digital media. UTRC has confirmed that the hard drive that Long unlawfully retained and accessed in China contained not only documents and data from projects on which Long worked while employed at the company, but also from projects on which he did not work to which he would have had access.

Long pleaded guilty to one count of conspiracy to engage in the theft of trade secrets knowing that the offense would benefit a foreign government, foreign instrumentality or foreign agent, an offense that carries a maximum term of imprisonment of 15 years. He also pleaded guilty to one count of unlawful export and attempted export of defense articles from the U.S. in violation of the Arms Export Control Act, an offense that carries a maximum term of imprisonment of 20 years.

Long, who has been detained since his arrest, will be sentenced by U.S. District Judge Robert N. Chatigny in Hartford.  A sentencing date has not been scheduled.

This investigation is being led by the FBI in New Haven in coordination with Homeland Security Investigations in New Haven and Newark; the Defense Criminal Investigative Service in New Haven; the U.S. Air Force’s Office of Special Investigations in Boston, Massachusetts; and, the Department of Commerce’s Boston Office of Export Enforcement. U.S. Attorney Daly and Acting Assistant Attorney General McCord also thanked the FBI in Newark, Ithaca and Syracuse, New York, the U.S. Customs and Border Protection Service in New York and Newark, and the U.S. Attorney’s Offices for the Northern District of New York and the District of New Jersey, for their efforts and assistance in this matter.

This case is being prosecuted by Assistant U.S. Attorneys Tracy Lee Dayton and Stephen B. Reynolds of the District of Connecticut, and Trial Attorneys Brian Fleming and Julie Edelstein of the National Security Division’s Counterintelligence and Export Control Section.