A former Google software engineer, Linwei "Leon" Ding, allegedly stole trade secrets related to Googleās TPU chip technology.
Secret Google TPU Chip Technology Compromised by Chinese National
A former Google Software Engineer allegedly uploaded over 500 confidential files to his personal account.
What is the attack?
Over the course of a year, he uploaded more than 500 confidential files to his personal Google Cloud account.
Ding also engaged with two China-based tech companies, using the stolen information to further his work while secretly founding his own AI company.
Why did it get through?
Insider Threats: Ding had authorized access to the data as part of his role, making it difficult for traditional access control mechanisms to differentiate between legitimate and malicious activity.
Lack of Behavioral Monitoring: There was no effective monitoring of anomalous user behavior, such as uploading sensitive files to personal cloud storage accounts.
What is required to solve for this attack?
Behavioral Analytics and Monitoring: Deploy systems that can detect unusual patterns, such as repeated large file uploads or access to files outside the userās normal scope of work.
Data Loss Prevention (DLP): Implement DLP tools to prevent unauthorized file transfers to external accounts and trigger alerts for sensitive data movement.