How CIOs Can Learn to Catch Insider Crime

Research shows that CIOs rarely discover the internal security threats that can ruin companies, even though it frequently involves IT systems. Here's what needs to change.

Become An Insider

Sign up now and get FREE access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content. Learn more.

Yuan Li knew what she wanted and how to get it. For 32 months, starting in October 2008, the 29-year-old research chemist at Sanofi-Aventis downloaded trade secrets from the pharmaceutical firm. Li had worked for Sanofi, which makes the allergy pill Allegra and sleeping pill Ambien, for more than two years when she started to steal data. Her target: five chemical compounds that the company had kept secret for possible use in future drugs.

She knew which database to query to download the information to her work laptop, and from there she emailed it to a personal account. Sometimes, she loaded a USB flash drive with material. Li, a Chinese national, then put the information up for sale through a pharmaceutical company that she partially owned, whose parent is based in China.

Sanofi helped investigators from the FBI and the U.S. attorney in New Jersey to prosecute Li. In January, she pleaded guilty to theft of trade secrets and is due to be sentenced this month. She faces up to 10 years in jail and a $250,000 fine.

To continue reading this article register now