A former Intel employee has been charged with stealing trade secrets worth about $1 billion.
The case of Biswamohan Pani, 33, is being seen as representative of the growing threat of malicious insiders.
“IP [intellectual property] is the lifeblood of the high-tech industry and for us it represents billions and billions of dollars of investment,” Chuck Malloy, an Intel spokesman, told SCMagazineUS.com Monday.
Pani was working as a design engineer in Intel's Massachusetts Microprocessor Development Center (MMDC) in Hudson, Mass., when he obtained a position with Advanced Micro Devices (AMD), a competing microprocessor designer and manufacturer.
According to a U.S. District Court indictment, Pani quit his position at Intel on May 29 and said his last day would be June 11 but that he would be out of the office using vacation time he had accrued.
He told Intel he would use the vacation time to investigate a hedge fund opportunity and help his wife move, but in reality, on June 2, four days after quitting Intel, he began working for working at AMD.
From June 8 until June 11, he was on the payroll at both Intel and AMD. According to the indictment, during this period he used his Intel laptop to access the company network. He downloaded 13 "top secret"company documents relating to design processes Intel uses to create new microprocessors, and copied these files to an external hard drive. ADM claims it did not request the information or know Pani was stealing it.
Pani originally faced one count of theft of trade secrets and was charged last week with four additional counts of wire fraud.
Malloy said Intel contacted the U.S. Attorney's Office in Boston and the FBI after Pani's access of the Intel network was flagged as suspicious.
The indictment outlined Intel's security measures, which include maintaining “advanced computer security systems” to restrict access, protect confidential information with passwords and maintain an encrypted document management system that records employee access, downloading and viewing of confidential and proprietary documents.
Additional security measures taken by Intel include having all employees sign confidentiality agreements against disclosing confidential information, having restricted access to the building where Pani worked, requiring employees to attend annual security and confidentially training, and using an encrypted, password-protected virtual private network for off-site network access.
Security experts said this case highlights the need for implementing systems that continuously monitor user activity in databases and other critical documents.
Michael Maloof, chief technology officer of TriGeo Network Security, told SCMagazineUS.com Monday that individuals with access rights pose real problems for companies.
“When you grant people access to critical IP, these employees do have the keys to the kingdom,” Maloof said.
