Feds: Man stole US cancer data to study in China

[Erica Absetz <erica () riskbasedsecurity com>]

MILWAUKEE (AP) — When three vials of a possible cancer-fighting
compound disappeared recently from a professor’s desk at the Medical
College of Wisconsin, suspicion quickly fell on a research assistant
who had been working in the scientist’s lab.

Security video showed Hua Jun Zhao, who studied in China and whose
wife lives there, was the only person who entered the professor’s
office that day. Investigators later found research results from
another professor on Zhao’s computer.

Zhao has been charged in a federal complaint with economic espionage,
accused by prosecutors stealing academic research to pass off as his
own in China. Prosecutors said he hoped to study the compound and
other materials at Zhejiang University, one of several Chinese schools
that have been troubled by plagiarism, fraud and academic misconduct.

Zhao, 42, worked on a team led by professor Marshall Anderson, who is
researching whether the compound can help kill cancer cells without
damaging healthy ones, school spokeswoman Maureen Mack said. The
compound is still being studied in a lab and has not yet advanced to
clinical testing, she said.

The stolen vials of the C-25 powder are worth $8,000, the complaint
said. Leonard Peace, an FBI spokesman in Milwaukee, said he couldn’t
comment beyond what was in the complaint, except to confirm the vials
had not been recovered.

Anderson noticed the vials missing on Feb. 22. School security video
showed Zhao was the only person who entered Anderson’s office that
day. Federal investigators questioned him about the vials on Feb. 27,
but Zhao claimed he did not understand their questions, the complaint
said. The school immediately placed him on administrative leave.

Zhao’s co-workers told the FBI that Zhao spoke excellent English and
he had lived in the U.S. for many years. Mack declined to say how long
Zhao worked at the school and would not provide details of his
immigration status, referring questions to the FBI.

Zhao was arrested March 29 and charged with economic espionage, which
carries a maximum penalty of 15 years in prison and a $500,000 fine. A
judge on Monday ordered him held at Milwaukee County Jail until trial.
No trial date has been set but a preliminary hearing is scheduled for
April 11.

Zhao’s public defender, Juval Scott, said it was too early to comment
on the case.

‘‘Right now I know that a talented professional has been accused of a
serious crime,’’ she said in an email, ‘‘and our office looks forward
to rolling up our sleeves and working on his behalf.’’

Zhao traveled to China in December. Since his return in mid-February,
he has claimed on his resume that he’s an assistant professor at
Zhejiang University, the complaint said. Zhejiang University has had
previous problems with theft. He Haibo, an associate professor in its
College of Pharmaceutical Sciences, was fired in 2009 after it was
discovered he had published papers with data stolen from a professor
when he was a doctoral student at another Chinese university.

Academic plagiarism and fraud has been a problem in China, where some
say professors are given an incentive to cheat because they’re often
evaluated on the number, rather than the quality, of papers published.

Mark Frankel, director of the American Association for the Advancement
of Science’s scientific responsibility, human rights and law program,
said American universities are vulnerable to theft because there is a
culture of openness. Scientists often share research in an effort to
verify and reproduce each other’s discoveries, he said, adding that
the risk also has become greater since the 1980s as universities
partner with companies on work that they plan to patent and market.

‘‘As we begin to see that science (and) the knowledge that it creates
can be translated into value, this whole notion of theft ... began to
populate the university environment,’’ Frankel said.

He recalled a flurry of thefts in the late 1990s and early 2000s but
said he believes computer hacking, and data theft related to that,
have become a greater problem in recent years.

Zhao allowed the medical college to copy files from his personal
laptop, a thumb drive and an external hard drive after he was placed
on administrative leave. Investigators found 384 files related to
Anderson’s research, as well as research results from another
professor from the school’s cancer department.

Among the files was a grant application to a Chinese foundation that
Zhao wrote in Mandarin. In the application he said he discovered the
C-25 compound and that he was seeking funding to continue his research
in China. Anderson told investigators the application was a verbatim
translation of a grant application he himself had written several
years earlier in English.

School security staff told FBI agents that on the day of his
suspension Zhao also accessed school computers remotely and deleted
files related to the C-25 research. The college was able to recover
the files. Zhao denied accessing the server or deleting files and said
he didn’t understand the FBI agents’ questions.

Federal authorities subsequently searched Zhao’s home and found a
receipt for shipment of a package to Zhao’s wife along with two
airline tickets from Chicago to China leaving Tuesday, as well as an
application to the National Natural Science Foundation of China for
research funding for C-25.
_______________________________________________
Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges. 

Tenable Network Security (http://www.tenable.com/)
Tenable Network Security provides a suite of solutions which unify real-time
vulnerability, event and compliance monitoring into a single, role-based, interface
for administrators, auditors and risk managers to evaluate, communicate and
report needed information for effective decision making and systems management.