After being banned from participating in the country's 5G network trials, Huawei is facing further trouble in the U.S. as reports suggest that the Department of Justice is pursuing legal action against the company for stealing trade secrets from T-Mobile using a robotic device named "Tappy".
According to The Wall Street Journal, the investigation was initiated by Department of Justice after the U.S. District Court in Seattle found in 2017 that Huawei had indeed gained access to trade secrets from T-Mobile and asked the company to pay $4.8 million to T-Mobile as damages.
The court found merit in T-Mobile's argument that Huawei used its commercial relationship with the company to copy the design of a robotic device named Tappy for its own financial gain.
Increasing links of China with theft of trade secrets
Both Huawei and the Department of Justice have refused to comment on whether such has investigation has indeed been launched. However, the Department of Justice has found evidence of Chinese companies trying to steal trade secrets from U.S. firms in the recent past.
Last month, the Department of Justice charged a 35-year-old Chinese national with theft of trade secrets from a U.S. petroleum company where he was employed. The theft was allegedly carried out to help a Chinese company which had offered employment to the individual.
"Hongjin Tan allegedly stole trade secrets related to a product worth more than $1 billion from his U.S.-based petroleum company employer, to use for the benefit of a Chinese company where he was offered employment.
"The theft of intellectual property harms American companies and American workers. As our recent cases show, all too often these thefts involve the Chinese government or Chinese companies. The Department recently launched an initiative to protect our economy from such illegal practices emanating from China, and we continue to make this a top priority," said Assistant Attorney General John C. Demers.
Commenting on the investigation initiated by the Department of Justice, Ilia Kolochenko, CEO of High-Tech Bridge, said that the burden of proof in a criminal case is very high, and therefore will require federal prosecutors to present solid evidence. Nation-state hacking groups are pretty sophisticated, and frequently they have enough technical skills and financial resources to make any forensics and attack attribution impossible.
"Worse, they use many smart distracting and obfuscating techniques to mislead the investigators. However, hacking groups are quite frequently betrayed by insiders or even their clients (that ordered the hack) who agree to testify and unmask their accomplices in exchange for immunity," he added.
China sponsoring more cyber attacks than Russia and Iran
In October last year, In its “Observations From the Front Lines of Threat Hunting” report that covered a mid-term review of the most sophisticated cyber-attacks in the first half of 2018, security firm Crowdstrike revealed that China was the world's biggest sponsor of cyber-attacks on organisations in the West, ahead of Russia, North Korea, and Iran as state-sponsored hackers were increasingly targeting IT networks to gain access to intellectual property and other trade secrets.
The firm also revealed that most of the cyber-attacks sponsored by China were targeted at major technology firms, universities, government departments, think-tanks and NGOs with an aim to obtain intellectual property, even though such hackers did not target political organisations as frequently as Russia hackers did.
According to Crowdstrike, China recently carried out a reorganisation of the People's Liberation Army (PLA) which transferred the responsibility of hacking operations from the Army to private contractors, thereby giving China the freedom of deniability. Since such contractors are not controlled by the state, they operate freely, have a large number of computer science experts, and have extensive links to hacker forums where malware samples are easy to find.
In November 2017, a U.S. court indicted three Chinese nationals for sending phishing emails to and conducting malware attacks on U.S.-based private companies in order to steal sensitive and valuable information. The Department of Justice said that he said Chinese nationals were residents of Guangzhou in China and were running a cyber security firm named Boyusec. It added that between 2011 and May 2017, the hackers 'conspired to hack into private corporate entities in order to maintain unauthorized access to, and steal sensitive internal documents and communications from such private companies.
The said hackers stole trade secrets and sensitive corporate information from GPS maker Trimble Inc. so that they could use such knowledge on developing a Global Navigation Satellite Systems technology designed to improve the accuracy of location data on mobile devices. They also stole 407 GB worth proprietary commercial data about Siemens’s energy, technology and transportation businesses in 2015.
Between 2013 and 2014, the hackers also 'accessed the internal email server of Moody’s Analytics and placed a forwarding rule in the email account of a prominent employee'. As such, they were able to access all e-mails received by such employee and these e-mails contained proprietary and confidential economic analyses, findings and opinions.
Top Chinese security agency behind wave of cyber-attacks targeting Australian firms
UK-based think tanks frequently targeted by Chinese hackers in 2017
China's new cyber security law enables government to inspect intellectual property of foreign firms