The big news tonight, in Korea, was that key technologies related to Samsung and LG’s AMOLED displays were smuggled out by employees of an Israeli subsidiary in Korea. How did these intrepid yet arrested men manage to do this? With a 4 GB USB memory stick that, last time I checked, cost less than $10. It certainly makes one wish for AlertBoot managed disk encryption with automatic encryption of external USB devices.
Seoul Central District Prosecutors’ Office Makes Announcement
The Seoul Central District Prosecutors’ Office detained three employees of a local Israeli firm (the PO did not identify the company, referring to it as Company “O”, but there are rumors that it’s Orbotech, which “makes display inspection equipment that it supplies to customers in South Korea, China and Taiwan” according to theolympian.com) and indicted three others who were apparently released under their own recognizance.
According to Korean reports, the employees stole the technical secrets between November 2011 and April 2012, using their access as providers of the inspection equipment. For example, they used the camera on the equipment to take pictures of LG’s and Samsung’s new 55″ AMOLED display panel circuitry on a layer-by-layer basis. The pictures were later downloaded to a USB flashdrive and the hardware smuggled hidden in shoes, belts, wallets, etc. At least one article relates that the flashdrives took the form of a credit card.
It is believed that the smuggled technology made their way to Chinese firms like BOE and CSOT and other display manufacturers.
“Can’t Even Smuggle Out a Sheet of Paper”
Supposedly, that’s how Samsung and LG described their security surrounding their factories. Companies boasting about their security while not really living up to their claims is yesterday’s news. LG in particular had to eat crow, seeing how they didn’t even realize there was a breach of data until the Prosecutor’s Office produced a warrant to search (and seize evidence) at Orbotech (yeah, it’s just a rumor/allegation that Orbotech is the firm in question, but honestly, there aren’t too many Israeli firms in Korea that have a connection to the flat display panel industry whose company name begins with an “O”. My own search only turns up one, so….).
In some ways, it makes sense that neither company mounted a successful defense. After all, Orbotech is the best in the field, and holds 70% of the market when it comes to flat panel display inspection equipment. Such equipment requires periodic calibration and servicing, so outside employees must be let into “the fortress” at some point. It’s the dreaded and nearly-impossible-to-prevent “insider attack.” Kind of like a Trojan Horse move from Greek myth, except there are no Trojans (nor Spartans) and no wooden horses. Plus, no trickery because the attackers were invited in.
The use of automatic USB encryption would normally prevent such data theft attempts except that in this case those doing the smuggling were (probably) in charge of securing the USB ports as well. It’s a tough assignment for those charged with securing a facility.
Related Articles and Sites:
(in Korean) http://media.daum.net/society/clusterview?clusterId=607344&newsId=20120627175808910&t__nil_news=uptxt&nil_id=8
(in Korean) http://media.daum.net/society/others/newsview?newsid=20120627163610140&nil_id=1&t__nil_economy=uptxt