Neil J. Gallagher
Deputy Assistant Director
Federal Bureau of Investigation
Joint Economic Committee
United States Congress
March 24, 1998
"CYBERCRIME, TRANSNATIONAL CRIME AND
INTELLECTUAL PROPERTY THEFT"
Good morning Chairman Saxton, Vice
Chairman Mack, and Members of the Committee. I welcome this opportunity
to provide insight into the Federal Bureau of Investigation's effort
in the fight of economic crimes to include transnational crime.
Economic crimes affect a wide variety
of industries, businesses and citizens. The theft of trade secrets has
caused billions of dollars in losses and created a vulnerability within
all types of industry. The significant and most positive advances in
technology have also allowed businesses and financial institutions to
become prey of a new age of criminals. The World Wide Web has allowed
for an endless barrage of frauds, scams, intrusions, and piracy. Cyberbanking
has added a new dimension of potential financial institution fraud.
In this computer age where network communication has become borderless,
what the FBI has traditionally worked as an economic crime has the potential
of becoming a transnational crime within a matter of seconds.
The FBI's task in fighting economic
crime has dramatically changed with advancements in technology. New
methods of economic crimes are being addressed with the assistance of
new laws passed by Congress such as the Economic Espionage Act of 1996
(EEA) and the No Electronic Theft Act. At the same time, there is an
increased emphasis on the training of FBI agents and providing them
with the tools necessary to investigate these often complicated cases.
According to a study reported in 1996
by the American Society for Industrial Security regarding intellectual
property loss, potential known losses to all American industry could
amount to as much as $63 billion, with current losses occurring at a
rate of $2 billion a month. The high-tech industry has an average loss
per incident reported of $19 million. The specific portion of this attributable
to domestic companies stealing trade secrets from one another cannot
be determined with certainty. However, as we move further and further
into the information age, the value and accessibility of various forms
of intellectual property continues to increase. As this information
becomes easier to access and/or steal, and its value continues to increase,
the frequency of its theft is certain to increase as well.
In the increasingly competitive area
of high technology, theft by rival companies of one anothers new products/trade
secrets is inevitable and burgeoning. In much the same way we used to
have to deal with employees embezzling funds from their employer; we
are now dealing more and more with employees stealing trade secrets
from their employers and attempting to sell them to the competition.
The Economic Espionage Act of 1996,
signed into law by President Clinton on October 11, 1996, provided law
enforcement with a tool to deal more effectively with trade secret theft.
The Economic Espionage Act has helped to protect valuable U.S. trade
secrets. The statute was the result of a Congressional mandate to provide
law enforcement with a tool to deal effectively with trade secret theft.
The law penalizes commercial theft of trade secrets in cases not involving
foreign powers under the newly created statute Title 18, U.S.C. Section
1832. Prior to this law being enacted, the FBI had to rely on general
statutes such as "Interstate Theft of Stolen Property" and "Fraud by
Wire" to prosecute thefts of high-tech secrets. These statutes were
often difficult to apply due to the lack of an interstate nexus. These
difficulties become more complex when applied to transnational crimes.
The Federal Bureau of Investigation
took advantage of this law as soon as it was passed, receiving an arrest
and conviction within two months of the enactment of the law. On December
7, 1996, the first arrest under the new law occurred in Pittsburgh,
Pennsylvania. Patrick Worthing and his brother, Daniel, were arrested
by FBI agents after agreeing to sell Pittsburgh Plate Glass information
for $1,000 to a Pittsburgh agent posing as a representative of Owens-Corning,
Toledo, Ohio. Both subjects were charged under Title 18, U.S.C. Section
1832. Patrick Worthing was sentenced to 15 months in jail and three
years probation for the Theft of Trade Secrets.
Following the passage of the EEA, the
FBI made an effort to educate agents in all 56 field offices regarding
the elements of this new law. Six regional conferences sponsored by
FBI Headquarters were held in the summer of 1997, with participation
from all the field offices. Several of the conferences also allowed
participation of industries in the area. Management and security personnel
from these companies were given information regarding the new law and
how best to protect their trade secrets. This coming together of FBI
and private industry is critical to our success in battling economic
crime. It allows for increased communications and cooperation with private
industry. At the same time, it provides for a unique opportunity for
the FBI investigators to better understand the complexities and sensitivities
of the industry from experts within that industry. These regional sessions
have increased the number of agent personnel having the special training
required to address the often sensitive needs of the high-tech industry.
The number of theft of trade secret
investigations has continued to increase. In October of 1997 there were
fifteen pending investigations. Currently there are 37 pending theft
of trade secret investigations. These include investigations in Silicon
Valley in California dealing with high tech industries to cases in locations
such as Missouri and Tennessee. This increase in pending investigations
is due in part by the positive relationships that the FBI has developed
with industry and the resulting increased awareness of this growing
The FBI is working to identify cities
that are centers for high-tech industries. These cities will be afforded
the training necessary to identify and investigate theft of trade secret
and Intellectual Property Rights infringement matters. High-tech task
forces will be encouraged to better utilize resources to address this
Examples of recent cases charged under
Title 18, U.S.C. Section 1832:
- Memphis: On October 3, 1997, the Memphis Division of the
FBI arrested Steven Louis Davis, who was indicted in the Middle
District of Tennessee on five counts of fraud by wire and theft
of trade secrets. Wright Industries, the victim company and a sub-contractor
of Gillette, had fully cooperated with the FBI's investigation.
Although the FBI knows that Davis reached out to one foreign owned
company (BIC), it is unclear if he was successful in disseminating
trade secrets overseas. The FBI, however, has learned that a competitor
in Sweden had seen the drawings of the new Gillette razor. Davis
pled guilty on 1/23/98. Potential loss prevented was in the hundreds
of millions of dollars.
- Cleveland: On September 5, 1997, Pin Yen Yang, and his
daughter Hwei Chen Yang (aka Sally Yang) were arrested on several
charges, including Title 18, U.S.C. Section 1832. Also charged is
the Four Pillars Company, which has offices in Taiwan, and a registered
agent in El Campo, Texas. It is alleged that the Four Pillars Company,
Pin Yen Yang, Sally Yang, and Dr. Ten Hong Lee were involved in
a conspiracy to illegally transfer sensitive, valuable trade secrets
and other proprietary information from the Avery Dennison Corporation,
Pasadena, California, to Four Pillars in Taiwan. Dr. Lee has been
an Avery Dennison employee since 1986, at the company's Concord,
Ohio facility. Dr. Lee allegedly received between $150,000 and $160,000
from Four Pillars/Pin Yen Yang for his involvement in the illegal
transfer of Avery Dennison's proprietary manufacturing information
and research data over a period of approximately eight years. Direct
development costs of technology transferred during this time is
estimated to be in the tens of millions of dollars. On October 1,
1997, a Federal Grand Jury returned a 21 count indictment, charging
Four Pillars, Pin Yen, and Sally Yang with attempted theft of trade
secrets, mail fraud, wire fraud, money laundering, and receipt of
stolen property. On the same date, Dr. Ten Hong Lee pled guilty
to one count of wire fraud.
At the same time, we must recognize
that technological advances are making corporate spying and theft easier
and cheaper. Industrial espionage is most often carried out to gain
access to corporate strategic plans, research and development information,
and manufacturing process data. The power of computer technology has
increased means for the theft and transfer of trade secret information.
Computer age communications connectivity, commercial enterprise activities,
and the posting and accessibility of corporate data on office workstations
and home personal computers have made it extremely easy to copy and
steal valuable trade secret information. This information can potentially
be transferred transnationally as easily as it can be transferred across
Public and private sector organizations
that rely on information technologies are diverse. Within the government,
information technologies provide leverage for performing traditional
missions more efficiently, e.g., law enforcement, intelligence gathering
and exploitation, and national defense. In the private sector information
systems allow rapid, efficient transfers of information and capital,
enable a new wave of electronic commerce, and enable far-flung, technically
complex operations to exist over vast geographic distances.
However, as commercial information
technologies create advantages, their increasingly indispensable nature
transforms them into high-value targets. Moreover, in practice these
developments have resulted in diminished systems redundancy and the
consolidation of core assets, heightening the risk of catastrophic single-point
failures. Disgruntled employees, disaffected individuals or groups,
organized crime, domestic and international terrorists, and adversary
nations are all potential sources of attack.
Terrorists, transnational criminals,
and intelligence services are quickly becoming aware of and exploiting
the power of information tools and weapons. This has been true in the
past as new means of communication, transportation, and secrecy have
been introduced to the public. For example, narcotic traffickers began
using communications advances such as pagers and cellular phones soon
after their introduction to the public.
In yet another area, cyber banking
is redefining consumer banking and creating new opportunities for high-tech
financial institution crime. A recent Internet survey indicated that
electronic banking is anticipated to increase 600% in the next two years.
In the latter part of 1997, the Federal Deposit Insurance Corporation
(FDIC) estimated that over 1,100 banks and thrifts are maintaining a
presence on the World Wide Web. Although many sites are primarily established
for advertising, a growing number are beginning to offer transactional
capabilities, including funds transfers.
The use of electronic access products
to infiltrate banking systems have occurred, and with the use of the
Internet, can occur from halfway around the world. One computer intrusion
investigation involving the compromise of a major U.S. financial institution's
cash management system resulted in the convictions of all seven foreign
nationals involved. Potential losses of $10.4 million involving attempted
fraudulent wire transfers were limited to $400,000 as a result of the
FBI's lead in an international effort to identify the source of the
intrusion and the individuals responsible. As global interconnectivity,
access to the Internet, and electronic commerce increases, the threat
of electronic exploitation will expand exponentially.
In response to this threat, the FBI,
in cooperation with Department of Justice, Department of Treasury and
representatives of financial regulatory agencies, has launched a cyberbanking
initiative to examine the risks and potential losses associated with
electronic banking technology. A working group has been established
to focus on current and potential criminal activity in the emerging
field of cyberbanking. The primary function of this working group is
to insure that all government agencies involved with the operation or
regulation of cyberbanking are aware of the potential for fraud in any
electronic banking scheme developed for use by the public. A secondary
function is to insure that, in the development of cyberbanking systems,
adequate fraud prevention measures are implemented so that frauds against
the system can be detected, investigated, and prosecuted.
Comprehensive crime statistics involving
electronic money and computer fraud and abuse are difficult to obtain.
The FBI is working closely with federal banking regulators and the financial
institution industry to evaluate methods by which computer related activity
can be statistically tracked and monitored in order to assure that fraudulent
activity of this nature is reported. The Suspicious Activity Reporting
System (SAR), currently used by financial institutions to report fraudulent
activity could be used, with some minor modification, to provide a simple
and straightforward means for victims to report this increasing crime
problem. The FBI and federal bank regulators have already worked together
to produce guidance to the financial industry for reporting of computer
crimes on SARs.
Case examples of cyberbanking fraud:
- In 1994, subjects in Russia gained unauthorized access to Citibank's
Cash Management System. As a result, more than $10 million was wire
transferred to preestablished accounts throughout the world. It
was unclear where the attack was originating when the FBI began
to monitor the cash movements through Citibank's central wire transfer
department. Monitoring began in July and continued into October,
during which there were 40 transactions. Cash was moved from accounts
as far away as Argentina and Indonesia to bank accounts in San Francisco,
Finland, Russia, Switzerland, Germany and Israel. In the end, all
but $400,000 taken before monitoring began was recovered. The investigation
resulted in six foreign nationals being charged in the United States.
Citibank says it has found no evidence of insider cooperation with
the hacker. Vladimir Levin was arrested in February 1995 by Scotland
Yard based upon a provisional warrant and was extradited from England
in September of 1997. He pled guilty on January 23, 1998 to conspiracy.
- In April of 1997, telephone calls were made to banks in Portland,
Oregon and Boston, Massachusetts claiming that the institutions,
and 49 other financial institutions, had been targeted by an environmental
group. The caller explained that the group had penetrated the bank's
computer systems and if the banks did not make $2,000,000 "donations"
to the group, the computer systems would be brought "to a screeching"
halt. The caller further explained that timing devised had been
utilized and if the $2 million dollar donations were not received
by the group, the computer systems would crash within the next week.
He also warned that if the banks involved law enforcement in the
matter, the systems would be destroyed immediately. The caller advised
his group had previously penetrated computer systems within the
Central Intelligence Agency and other unnamed federal agencies.
A subsequent telephone call was traced to a public pay phone and
the subject was arrested. The subject pled guilty to one count of
Title 18, U.S. C. Section 875 (Interstate Extortion) and was sentenced
to six months in jail followed by three years supervised release.
The Financial Times reported in an
article in August 1996 that the market for Internet banking is poised
to grow sharply in the next three years, affecting the competitive advantage
enjoyed by traditional banks as demand for Internet banking services
takes off. It noted a survey of Internet banking by an international
management consultant, which found that 154 European banks already have
sites on the World Wide Web, with sites increasing at a rate of nearly
90 percent a year.
The article went on to state that the
cost of Internet banking run at on 15-20 percent of income, compared
with an average cost:income ratio for the banking industry of about
60 percent. Starting an Internet bank from scratch costs about $1 million
- one can buy all the software off the shelf. But a well established
bank has to integrate it with their existing systems dramatically adding
to the cost of setting up an Internet bank. Internet banking has the
potential of changing the type of financial industry law enforcement
will have to work with in combating financial crimes. The banks from
other countries that are on the Internet can potentially provide other
avenues for subjects for money laundering, wire transfers, and hiding
There have been reported incidents
of bogus investment banks appearing on the Internet. These banks solicit
money for investment and account creation. In reality, these banks do
not exist and disappear as quickly as they appear. One such Internet
bank was the subject of an Office of the Comptroller of the Currency
(OCC) special alert. The Freedom Star National Bank of Arizona began
soliciting deposits on the Internet and offering high interest rates.
The entity had not been granted a national bank charter by the OCC nor
were its deposits insured by the Federal Deposit Insurance Corporation.
This activity was stopped by the OCC special alert. Banking regulators
are in the process of analyzing these type of fraudulent banks for criminal
referral to the FBI.
The use of the Internet to market fraudulent
investment schemes is becoming epidemic. An example of this type of
scheme involves a multilevel operation doing business under the name
Netware International, believed to had approximately 2,500 members throughout
the United States. Netware provides false, fraudulent and misleading
representations in order to solicit funds from new and existing members.
Promotional information distributed over the Internet indicated that
Netware was forming a private bank with full services and deposits insured
by the National Union Fire Insurance Company of Pittsburgh, Pennsylvania.
The information also indicated that the bank was expected to earn a
profit of 25 percent per year, and that the members who sell two or
more memberships would share in the profits of the bank. National Union
Fire Insurance Company denied any affiliation with Netware. Nearly $1
million has been seized to date in this investigation. The investigation
into Netware continues.
Internet banking is but one of many
Internet frauds that the FBI is addressing. The types of frauds are
numerous and have been found to often have international connections.
The National Consumers League has stated that they receive more than
100 scam complaints each month. They range in size from $10 to $10,000.
The ten most frequent fraud reports involve undelivered Internet and
online services; damaged , defective, misrepresented or undelivered
merchandise; auction sales; pyramid schemes and multilevel marketing;
misrepresented cyberspace business opportunities and franchises; work-at-home
schemes; prizes and sweepstakes; credit card offers; books and other
self-help guides; and magazine subscriptions.
Banking and investment industries have
not been the only industries dramatically affected by Internet fraud.
The copyright industry has lost millions of dollars due to piracy of
software, music and interactive digital software on the Internet. Hundreds
of digital jukeboxes are surfacing on the Internet. The digital jukeboxes
release music over the Internet in the form of MPEG3 digitally compressed
files, called MP3s, which can be downloaded free of charge on to home
computers. Most pirate jukeboxes are run for free by young music buffs,
often students using university servers. Downloading music free of charge
from the Internet is becoming increasingly popular among the 15 to 30
year olds who tend to be frequent record buyers and are often computer
enthusiasts. The music industry now stands to lose substantial sums
of money because of the unauthorized distribution of its copyrights.
Bulletin Board Services (BBSs) have
long been a potential source of computer software and interactive digital
software piracy. There exist BBSs whose only function is engaging in
criminal activity. These BBSs provide a listing of software programs
available for downloading through the Internet. The actual cost of the
software involved is negated through a bartering system. The use of
this bartering type system has been very effective in circumventing
the law until recently. The No Electronic Theft Act, passed by Congress
and signed by the President on December 17, 1997, makes it a crime to
possess or distribute multiple copies of on-line copyrighted material,
for profit or not. This has eliminated the ability to circumvent the
law by not exchanging money.
On 1/28/97, the FBI in San Francisco
executed eight search warrants simultaneously in six states in connection
with an undercover investigation, code name Cyber Strike. Cyber Strike
has focused on increasingly organized efforts by individuals and groups
to conduct the piracy of computer software produced by some of the nation's
largest software firms. Seizure of more than seven Gigabytes of illegal
transactions (equivalent to 20 million pages of information) was made.
Following the search, eight BBS systems were dismantled and their equipment
seized. The searches were conducted in Atlanta, Georgia; Columbus, Ohio;
Miami, Florida; Oklahoma City, Oklahoma; Des Moines, Iowa; Pittsburgh,
Pennsylvania; San Leandro and Cedar Ridge, California.
Traditional crimes have taken on a
new appearance over the Internet. An example of this is Internet sports
gambling. Earlier this month the New York FBI field office filed complaints
against fourteen managers and owners of six Internet sports betting
companies that operated offshore and allowed bettors in the United States
to gamble on football, basketball, and other sports. Attorney General
Janet Reno said in a statement: "The Internet is not an electronic sanctuary
for illegal betting. If a state outlaws soliciting or accepting bets,
you can't evade those requirements by going on line." This is an example
of how the FBI is constantly working to keep abreast of new crime schemes
and is focusing our investigative resources to address these emerging
Software piracy, as well as all other
types of piracy, continues to be an international concern. According
to the International Intellectual Property Alliance, copyright piracy
cost an estimated loss of $10.8 billion to U.S. copyright industries.
In addition, the International Anti-Counterfeiting Coalition has estimated
that the cost due to trademark infringement in the world to be $250-350
billion. U.S. industries represent the leading edge of the world's high
technology, entertainment and apparel industries. Piracy of copyrighted
and trademarked items cost the U.S. economy tax revenue and jobs because
of the manufacture, distribution and sale of counterfeit goods.
The FBI has supported training in intellectual
property rights issues in a number of foreign countries to include Russia,
China, Egypt, Peru, and Latvia. Piracy is more than a domestic crime
problem. It is an international crime problem that involves organized
groups that conduct their counterfeiting enterprises multi-nationally.
Through the FBI's efforts in international training and established
contacts with foreign law enforcement officials throughout the world,
the groundwork has been laid for an international effort in addressing
this international crime problem.
To conclude, a major concern now facing
law enforcement is how rapidly the threats from criminals, both domestic
and international, are changing, particularly in terms of technology.
The challenge to law enforcement is our ability to keep pace with these
criminals who pose a threat against United States, our citizens, and
our industry. The FBI is working closely with law enforcement officials
in other countries to combat computer crimes and enhance coordination,
and improve our combined capabilities. Cooperative efforts with industry
have also been intensified to facilitate the prevention and detection
of emerging cyber crimes. The types of economic crimes described today
can and do have a lasting effect on our nation's economy. The FBI is
aggressively investigating these types of economic crimes. Chairman
Saxton, I wish to thank you and the members of the Joint Economic Committee
for your support. I applaud your commitment and confidence in this important
area of the FBI's responsibility.