When we look back at the history of insider threats, 20/20 hindsight oftentimes highlights what was missed and rarely what went right. But on this date, April 20, 1992, Ronald Hoffman was sentenced to prison for 30 months and fined $250,000 for the theft of a defense contractor (Science Applications International Corporation) intellectual property associated with a classified contract supporting the U.S. Air Force. He was brought to justice because something went right. A colleague saw something and said something.
It’s all About the Money
Hoffman was a bona fide rocket scientist, with published research on the plume and signatures of rocket exhaust plumes, which in late-1983 was cutting edge and associated with the Strategic Defense Initiative.
Hoffman’s motivation was simple. Money.
He believed his salary as a general manager was insufficient, so he set about augmenting the salary by taking his employer’s “CONTAM” software program and repackaging it for sale to various competing companies. The year was 1986 and Hoffman reached out to a number of Japanese firms including, Nissan and Mitsubishi,
He also tried to garner customers in four other countries, including South Africa. And while Hoffman always contended that the CONTAM research was in the public domain, the United States had categorized it as restrictive.
His personal business, “Plume Technology” was selling both the know-how and the software to various entities. He was apparently successfully engaging foreign entities without his defense contractor’s knowledge, until such time as one of the Plume Technology clients, Mitsubishi sent a fax to Hoffman asking if he had received the payment from Mitsubishi.
See something, say something
The fax was received by Hoffman’s admin who understood what she was holding in her hands and coupled this with her observation that Hoffman appeared to be living beyond his means, brought this to the attention of their employer’s chief counsel.
Hoffman was confronted by his employer and quit on the spot. Yet, he wasn’t through. Building security cameras saw he returned to his office during the evening and recorded him exiting with boxes of the CONTAM documents. The departing insider made his last heist on the way out the door. How the discharged employee was able to regain access to his workspace is not explained.
Hoffman gets stung
The company reached out to the government and the result was Customs and Air Force ran a joint sting operation against Hoffman, posing as interested South African buyers. Hoffman bit, and tried to sell the CONTAM modules without the appropriate export licenses and was arrested on June 14, 1990. He had successfully shared restricted data, under the table with a variety of foreign entities for approximately four years. All told, it is estimated that Hoffman garnered more than $750,000 in illicit payments.
He was charged with violating Arms Export Control Act and the Comprehensive Anti-Apartheid Act. The 25-day trial ended with a guilty verdict on February 24, 1992.
Security starts at home
One can speculate how much longer Hoffman’s violation of export controls would have continued and the number of countries to which U.S. sensitive defense information would have been shared had Hoffman’s admin not picked up the fax, seen it as suspicious, and reported the situation with the powers to be.
