Threat Management, Threat Intelligence

Former Apple engineer arrested for stealing secret info on autonomous car project

A former Apple employee arrested last weekend in the Mineta San Jose International Airport for nicked information on the company's autonomous car project presumably to pass along to a Chinese startup where he'd accepted a position.

Hardware engineer Xiaolang Zhang was picked up by authorities as he waited to board a plane to China. Since May 2015, he had worked on the Apple Compute team where he “designed and tested circuit boards to analyze sensor data," according to an FBI complaint filed in U.S. District Court for the Northern District of California and posted on scribd.

He took paternity leave from his job in April and upon returning from a trip to China, informed his supervisor that he would be quitting his job to move back to his home country to be with his ailing mother and assuming a job at Guangzhou-based XMotors.

Zhang was one of 5,000 Apple fulltime employees who have access to information regarding the project. He had “broad access to secure and confidential databases containing trade secrets and intellectual property for the project,” said the FBI complaint, which referred to the Apple initiative as a “closely guarded secret” not shared publicly.

“In today's digital world, business users are granted access to a myriad of critical systems, applications, and data in order to do their jobs. “The Apple case is a prime example of the need for organizations to progress toward the next evolution of identity governance, and by doing so, protect themselves not only from outsiders, but from insiders, as well,” said Mark McClain, CEO and co-founder of SailPoint. “As the surface area expands, digital identities are touching areas that aren't comprehensively addressed within existing identity governance programs.”

Identity analytics would have alerted Apple “that an employee was exhibiting abnormal user behavior and downloading large amounts of data that he wasn't authorized to access outside of normal business hours,” he explained.

“Many organizations still have blind spots when it comes to addressing the question of ‘who has access to what?' applications and data, and importantly, ‘what are they doing with that access?' and ‘should they have that access?'” said McClain. “Our world has changed in a profound way and enterprises need to catch their identity governance programs up as the Apple incident highlights.”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.