February 10, 2008   Sign In |  About ebizQ |  Contact Us |  Join ebizQ Gold Club
Peter Schooff
Peter Twenty-Four Seven Security
 Peter Schooff's blog is a daily look at what's going on in the world of computer security with an emphasis on how it affects businesses.

« An Inside Look at Cybercrime | Main | New Data Breach Law Could Bring Big Change »

February 22, 2007
DuPont Insider Tries to Steal $400 Million

Recalling a recent series of blogs by ebizQ’s very own Andre Yee regarding insider attacks, I found this article on Dark Reader concerning a DuPont employee trying to steal $400 Million in trade secrets. Computer security played a big part both in letting him get as far as he did and in catching him.

The Delaware chemist, Gary Min, was flagged when he tried to access an abnormally high number of PDF documents from DuPont’s Electronic Data Library (EDL). It was discovered that Min downloaded 22,000 abstracts and 16,700 documents between Aug and December of 2005. This was 15 times the number of reports accessed by the next-highest user.

According to documents unsealed yesterday by Colm Connolly, U.S. Attorney for the District of Delaware, "The vast majority of Min's EDL searches were unrelated to his research responsibilities and his work on high-performance films. Rather, Min's EDL searches covered most of DuPont's major technologies and product lines as well as new and emerging technologies in the research and development stage. The fair market value of the technology accessed by Min exceeded $400 million."

Min began downloading the documents after received a job offer from Victrex, a DuPont competitor. The new job was not to begin until January 2006, and Min did not tell them he was leaving until December, which is when they uncovered his high-volume accesses.

While DuPont’s IT staff did well to uncover his treachery, they should not let have let him get as far he did. Min should not have had access to so many confidential documents, especially those unrelated to work. Also, closer attention to log data should have revealed the inconsistency of Min’s actions.

Min faces a maximum sentence of 10 years in jail and a fine of $250,000. Victrex was not accused of conspiring with Min.

Posted by pschooff in Better Protection |Digg This|Add to del.icio.us

Trackback Pings

TrackBack URL for this entry:
http://www.ebizq.net/mt/mt-tb.cgi/1405

Comments Post a comment




Remember Me?

(you may use HTML tags for style)

We ask that you type your code (displayed below) in the text box.This code is an image that cannot be read by a machine. It prevents automated programs from submitting comments.


Code:



Most Recent ebizQ Blog Entries
ADVERTISEMENT
Subscribe
News Feed
Recent Posts
Categories
Archives
Blog Roll
Blogosphere
This Work
Accountability:The opinions expressed in this blog are solely representative of the blog's author, and not of ebizQ
Subscribe to our Newsletters
ebizQ Weekly Gold Club Update
Live Webinar Updates
Updates from ebizQ Partners
ebizQ SOA Update
ebizQ BPM Update
ebizQ Security Update
ebizQ BI Update
ebizQ Open Source Software Update
Virtual Show Newsletter
Your E-mail Address:
BAM: The Killer App for CEP
Date: Feb 12, 2008
Time: 12:00 PM ET
(17:00 GMT)
I WANT TO ATTEND
Event Processing Market Pulse
Date: Feb 14, 2008
Time: 12:00 PM ET
(17:00 GMT)
I WANT TO ATTEND
Archived Webinars | Upcoming Webinars

Marketing Solutions | Feedback | About ebizQ | Unsubscribe | Privacy Policy | Site Map