The U.S. Department Of Justice announced this week an indictment against an engineer who stole Google’s intellectual property (IP) while he worked at the company. During his employment he traveled to China to meet with two companies by which he was also employed.
The IP included information on cutting-edge technology that allows chips to work as a supercomputer for machine learning and AI. It also included information on GPUs, TPUs, and the software that allows these chips to communicate together.
This follows news from earlier in the week that North Korea had been found to have hacked two companies in South Korea that are involved in the production of semiconductors and work with the US. North Korea had been able to access IP on the production of these chips.
There is significant attention on the semiconductor industry currently as the US and China both compete to develop AI and quantum computing capabilities.
Insider theft is relatively uncommon, compared to ransomware attacks. It is also often accidental rather than malicious. However, a study by insider theft company, DTex Systems, found that up to 12% of employees take data when leaving a company. While taking any company data can have an impact on that organization, the theft of IP can be most significant. Companies involved in AI, quantum computing, and semiconductor development are of particularly high value right now.
While likely to be unrelated, DTex Systems announced a $50 million investment this week from CapitalG Management, a growth fund owned by Alphabet, Google’s parent company.
Considerations:
- Insuring companies with IP in these high-value areas of technology should involve extra consideration for insider theft protection
- Consider training for employees on insider threat and establish a reporting process for suspicious behavior
- Implement a strong IDAM program to ensure employees only have access to information required for their role
- Consider monitoring software to detect anomalous behavior
