Inside the Chinese Boom in Corporate Espionage is the headline in a recent article in Businessweek (now named Bloomberg Businessweek). It reports an 007ish tale of software theft by a Chinese windmill company. American Superconductor Corp (AMSC) had a profitable partnership selling control systems to Chinese wind turbine company Sinovel. As for all expensive industrial equipment, software plays a vital role in wind turbines. So when stolen/edited copies of their software turned up in Sinovel machines, and Sinoval stopped accepting equipment from AMSC, it was a calamity for AMSC.
The Business Week article implicitly blames high tech “Chinese espionage,” which has been getting a lot of coverage in the US press recently. But as a very interesting blog post by Steve Dickinson points out, the actual theft was very traditional. An insider (one of the software’s chief developers) was bribed to turn over the source code. Nothing high-tech about the theft, unless you still call email “high tech.” And according to Dickinson, the theft was predictable, and was facilitated by lack of low-tech protection measures by AMSC.
More interesting for my focus on knowledge, even having the source code is not fully sufficient for Sinovel. Certainly source code is 100x more useful than object code. (Source code = what humans write; object code = the translated version that computers run.) First, Sinovel already has a 50% market share in China and needs to export to grow – but exporting is now difficult because who wants to buy a wind turbine running on stolen code? Second, even the code does not contain all the knowledge that was needed to write it. And as the turbines, their control systems, and the utility systems they run in evolve, the code will need extensive modifications over time.
Extensively modifying code is hard, and requires intensive knowledge of the engineering that went into it. If the developer/thief/engineer was persuaded to turn over all his notes and explanations, it will be easier – but again that depends on personal access, not on “hacking.” And much will depend on the ability of Sinovel’s own engineers to come up with incremental innovations over time.
I don’t mean to downplay the serious nature of the overall problem. As in many previous episodes of up-and-coming NICs dealing with Old World Technology, (Japan 1970, Korea 1980, and US 1880 are well-known examples), various forms of “borrowing” certainly accelerate the NIC’s rise to technological progress. But none of the solution fits into the category of “cyber defense.” To some extent copying inevitable, and the Old World companies/nations just have to continue to innovate faster than the competitors. And more direct defense requires “traditional” approaches to stealing trade secrets and patents.