Time
7 hours 36 minutes
Difficulty
Advanced
CEU/CPE
7

Video Description

This lesson discusses the American Superconductor case study. In this incident, intellectual property (IP) from Massachusetts-based American Superconductor was stolen by Sinovel, a Chinese company. Sinovel was able to make skeletons of all the turbines and computer code and Dejan Karabasevic, an American Superconductor employee based out of Austria helped with the IP theft. Sinovel offered him many perks in exchange for his work. However, by the time he was caught it was too late and a lot of IP was lost.

Video Transcription

00:04
So this is the case study of organization that was essentially infiltrated by someone who had displaced loyalties. He became an insider threat, and he reached out to another company which was owned by a Chinese company.
00:22
And he essentially committed insider threat activities and bankrupted the company. So the case study involves American Superconductor, that is, a Massachusetts based company,
00:34
and their intellectual property was stolen by the Chinese company. Sent a bill.
00:40
The Senate bill made the skeletons of these giant wind turbines, and American Superconductor made the sophisticated gadgetry and computer code that are inside these turbines to rent.
00:52
And the Chinese company kept trying to figure out how to make these these widgets, and they were unable to do so. They just weren't technologically advanced enough on their processes to make that technology, and they were required essentially dependent upon American superconductor.
01:11
So American Superconductor. Knowing this, they ensured that any software pieces of code were restricted and were accessible only to a few people within the corporation. They obviously didn't want their trade secrets expense.
01:25
So an employee within American superconductor
01:29
Dijon Carrabba Civic hey, was based in Austria. He essentially helped the Chinese company symbol,
01:36
uh, perpetrate the theft of the intellectual property
01:40
and in that relationship symbol offer him women apartment money. And the new Life's a kind of, ah, conglomeration of some of those motivating factors. Weak sauce, um, obviously money, ***. And then this may be new life. So he might have had some type of psychological issue where he maybe did not
02:00
value
02:01
his own self worth.
02:04
But any event, the arrangement included a $1.7 million contract, which was spelled out e mails and instant messages that were found on his computer during that forensic investigation. And in one of those e mails, he lays out kind of the quid pro quo arrangement, saying that the girls need money. He needs the girls,
02:23
uh,
02:23
sensible. The Chinese company needs him. And then, in return, the central Executive showered him flattery and encouragement, saying, You know, you are the best man. You're like Superman. So they were kind of stoking his ego. They were giving him the money that he needed,
02:43
but ultimately what happened is that he was caught.
02:46
However, uh, that's kind of after the fact,
02:50
and
02:51
it was too late for American Superconductor. They lost their intellectual property. They tried to sue the Chinese company, but then it it's too late. They already lost that thing that makes them special and unique.
03:05
So when dealing with these insider threats,
03:08
often times the response phase is not necessarily where an organization wants to be.
03:15
Because if you're Kentucky Fried Chicken and you know you value those herbs and spices that Colonel head
03:22
and that gets out to the public of how the chickens made it's too late. The response is essentially going to come after the fact. And as we talked about that below the iceberg cost, those costs would be astronomical
03:38
because that that is something that makes your business very special. And that would almost be an instrumental object
03:44
to overcome.
03:46
So what this portion of the course is going to talk about? It's not so much how to respond to those cases, because that would be more than likely a large legal response and not necessarily a technical response.
04:01
We're going to focus mainly on the technical aspects of preventing and identifying insider threats,
04:08
but before they happen, s oh, you're not going to necessarily have to do that incident response in
04:16
conjunction with that insider threat,

Up Next

Incident Response and Advanced Forensics

In this course, you will gain an introduction to Incident Response, learn how to develop three important protection plans, perform advanced forensics on the incident, deep dive into insider and malware threats, and commence incident recovery.

Instructed By

Instructor Profile Image
Max Alexander
VP, Cybersecurity Incident Response Planning at JPMorgan
Instructor