Australian company devastated by Chinese hacking, IP theft

By on
Australian company devastated by Chinese hacking, IP theft
Page 1 of 2  |  Single page

Hackers steal $160 billion worth of intellectual property from western companies every year, according to cyber-security experts. The damage, they say, is incalculable and western governments have made it a priority to protect their nations' commercial assets.

But try telling that to Donald McGurk, chief executive of Australian communications, metal detection and mining technology firm Codan, who has watched sales and prices of his firm's metal detectors collapse since Chinese hackers stole its designs three years ago to sell cheap imitations into Africa.

With the Australian government wary of rocking the boat ahead of this month's historic signing of a free trade deal, McGurk says he was forced to hire a private investigative firm in China to stage a series of raids on counterfeit factories.

"They said you're on your own," McGurk told Reuters, referring to the Australian government officials he lobbied to help with his problem.

The Australian government did not immediately respond to queries about Codan.

Codan's experience provides a rare look at the longer-term impacts of hacking on companies, as most keep the extent of an incident under wraps. In fact, experts say many firms continue to turn a blind eye to cybersecurity even as hackers become increasingly sophisticated.

A PriceWaterhouseCoopers report found the average information security budget dropped 4 percent to $4.1 million last year, reversing a three-year trend of rising funds to tackle cybercrime. That was even as the total number of detected security incidents jumped 48 percent to 42.8 million globally, PWC said.

Bryce Boland, chief technology officer for Asia at cyber-security firm FireEye, said many companies are too focused on the reverse engineering capabilities of Chinese companies, which allow them to copy products within weeks of their public launch.

"They may be good at reverse engineering but they're much better at just getting the plans during the development phase (via hacking) and leveraging those immediately," Boland said by telephone from Singapore.

Counterfeit gold rush

Codan began to realise it had a problem when it started receiving faulty metal detectors back into its services centre in 2011. Those products, stamped with the Codan logo, had unrecognisable, inferior parts.

Then the Australian Security Intelligence Organisation (ASIO) came knocking: a Codan employee's laptop had been hacked into when he logged on using hotel wifi during a business trip to China. With an African gold rush underpinning demand for the metal detectors, Codan's blueprints had been filched by a Chinese manufacturing chain.

McGurk asked the Australian government for help, requesting they speak to Chinese authorities, but discovered his company was on its own. McGurk believes a landmark free trade deal with China, recently signed after more than a decade of negotiations, was responsible.

"No one wants to muddy the waters by putting in play something that's negative," he said.

The company instead spent "significant sums" on private investigators, who worked with China police to track the supply chain of the counterfeit metal detectors.

They discovered it led to Dubai, where police raids found "significant" numbers of counterfeit gold detectors in storage, en route to Sudan, Guinea and Niger.

China meted out jail terms of up to two years for the principals of three first-tier manufacturing companies in the supply chain, while Dubai fined several players around $5,000 each, McGurk said.

Codan, meanwhile, was forced to slash the price of its gold detectors from around $4,000-$5,000 to around $2,500 to compete with the counterfeiters.

The company's net profit fell to $9.2 million in the year to June 30, 2014, from $45 million a year earlier as a result.

Next: FireEye finds Chinese hacking group

Next Page
1 2 Single page
Got a news tip for our journalists? Share it with us anonymously here.
Tags:

Most Read Articles

You must be a registered member of CRN to post a comment.
| Register

Poll

The channel is a juicy hacking target - are you improving security?
YES - recent attacks on MSPs spurred us to action
YES - we're ALWAYS improving our security stance
YES - we've noticed new forms of attack
NO - we're confident our past efforts are enough, but are always vigilant
NO - we don't see the need for change at this time
View poll archive

Log In

Username / Email:
Password:
  |  Forgot your password?