Though he lived in Silicon Valley, Linwei Ding spent months at a time in his native China, according to court papers.
Nothing unusual about that — except that he was supposed to be working full time as a software engineer in Google’s San Francisco-area offices.
Court records say he had others badge him into Google buildings, making it appear as if he were coming to work. In fact, prosecutors say, he was marketing himself to Chinese companies as an expert in artificial intelligence — while stealing 500 files containing some of Google’s most important AI secrets.
Ding, whose home was searched by the FBI days before prosecutors said he was to board a one-way flight to China, was arrested in March and is now facing federal felony charges. He has pleaded not guilty. His case illustrates what American officials say is an ongoing nightmare for US economic and national security: Some of America’s most prominent tech firms have had their virtual pockets picked by Chinese corporate spies and intelligence agencies.
Days after the Ding case was announced, prosecutors charged the owners of a Chinese company with conspiring to steal battery secrets from Tesla. This week, a government cybersecurity board ripped Microsoft for an “inadequate security culture” and a “cascade … of avoidable errors” that allowed Chinese intelligence hackers to compromise the company’s email software and gain access to the accounts of the US commerce secretary.
In February, the Justice Department charged a Chinese engineer with stealing missile-tracking technology from a company owned by aerospace giant Boeing. Last year, prosecutors accused a Chinese national of stealing Apple’s self-driving car technology and fleeing to China.
“China’s multipronged assault on our national and economic security makes it the defining threat of our generation,” FBI Director Christopher Wray told Congress recently. “Today, and literally every day, they’re actively attacking our economic security — engaging in wholesale theft of our innovation and our personal and corporate data.”
It’s been happening for years, but experts say neither the government nor US corporations have been able to mount a coherent response.
China denies that it steals intellectual property. In a statement, Chinese embassy spokesperson Liu Pengyu said, “The Chinese government has never participated in or supported anyone in any form in stealing commercial secrets. We ask the US side to handle the case without bias and in accordance with the law and protect the legal rights and interests of Chinese citizens.”
Dmitri Alperovitch, who co-founded the cybersecurity company CrowdStrike, was among the first to publicize state-sponsored Chinese corporate espionage back in 2011. Soon, top US intelligence officials were calling it “the biggest transfer of wealth in history.”
“China has been engaged in systematic theft of America’s economic and national security treasures for decades,” said Alperovitch, now director of the Silverado Policy Accelerator think tank and author of “World on the Brink: How America Can Beat China in the Race for the 21st Century.” “The pillaging has undermined our nation’s economic growth and devastated entire industries.”
Alperovitch and other experts say the Chinese campaign has been hugely successful in boosting that country’s economic and military progress even as it has cost jobs and decimated entire business sectors in the US and Europe, including the solar panel industry. The House Select Committee on the Chinese Communist Party has estimated the cost of Chinese intellectual property theft at $600 billion a year.
The Google case illustrates why the damage from trade secret theft is not widely understood by the public. It wasn’t front page news when Attorney General Merrick Garland announced it last month, and initially Google downplayed its impact.
“We have strict safeguards to prevent the theft of our confidential commercial information and trade secrets. After an investigation, we found that this employee stole numerous documents, and we quickly referred the case to law enforcement,” company spokesman José Castañeda said in a statement. “We are grateful to the FBI for helping protect our information and will continue to cooperate with them closely.”
Ding now faces 10 years in prison on theft charges. But a person familiar with the case said it’s unknown whether Ding distributed the stolen material to his partners in China — in other words, it’s not clear the information was protected.
Cornell computer science professor Bart Selman, an expert in artificial intelligence, said the stolen technology, as described in the indictment, was extremely significant, representing 10 to 15 years of work by Google scientists.
The technology Ding allegedly stole involves the building blocks of Google’s advanced supercomputing data centers that fuel the remarkably humanlike answers consumers see when they ask questions of ChatGPT.
“It’s a very significant loss, and indeed, it’s very concerning,” Selman said. “And I think it’s not just concerning for a single company. The AI software and AI training have very big national security components. So it’s even of relevance to national security.”
Selman said the stolen secrets related to both software and hardware, including information about advanced computer chips that the US government has worked hard to keep out of Chinese hands.
“That’s one of the most concerning aspects — that this sort of undercuts the US efforts to [prevent] China being able to develop this technology,” he said. “This will give them new capabilities and insights that were developed by Google over the last 10 years at least, to develop these very advanced chips for training AI models.”
The indictment said Google had robust network security, including a system designed to monitor large outflows of data. But Ding circumvented that by allegedly copying data from Google source files into the Apple Notes application on his Google-issued MacBook laptop, converting the Apple Notes into PDF files, and uploading them from the Google network into a separate account.
Google did not have systems in place to monitor the travel of employees working on sensitive technology, a person familiar with the matter said.
That’s a problem, said Frank Figliuzzi, formerly the FBI’s assistant director for counterintelligence and now an NBC News contributor. He said tech companies need to step up their security against so-called insider threats.
“No question there was a ball dropped here,” he said. “But this is something I see commonly in security failures across the board. Number one, companies have to get much better at identifying what is truly a crown jewel in their company. Number two, identify the employees in your company who have access to those crown jewels. Number three, monitor those employees and the crown jewel data to ensure that bad things aren’t happening. So when that crown jewel employee who has access is traveling abroad, you need to know it.”
While the indictment does not allege any links between Ding and the Chinese government, Figliuzzi said that doesn’t really matter, given Chinese government policies.
“There is indeed an actual strategy, a five-year plan that China publishes, putting its citizens on alert that we need the following items this year, and for the next five years, and we’ll do everything we can to get our hands on on it,” he said. It’s a challenge for an American company to secure against that threat, Figliuzzi added, saying “it’s against the law for a Chinese national to refuse to cooperate with their intelligence services.”And if a Chinese national were to take protected information of their own accord , patent it in China and open their own business with it, “good luck challenging that in court in China,” he said. “It rarely if ever succeeds.”
Last October, Wray and representatives from the other four countries in the so-called Five Eyes intelligence partnership — Britain, Australia, Canada and New Zealand — met in Silicon Valley to call attention to Chinese theft of trade secrets.
“The Chinese government is engaged in the most sustained, scaled and sophisticated theft of intellectual property and expertise in human history,” said Mike Burgess, head of the Australian Security Intelligence Organization.
More needs to be done, Sen. Mark Warner, D-Va., the chairman of the Senate Intelligence Committee, told NBC News.
“We’ve got to use every tool at our disposal to protect American business and innovation so that China can’t exploit the openness of our society and our economy to their advantage,” Warner said, “and we need to do more to raise the costs to China of this behavior.”