Mondays for Ian Colle were always the same. The veteran Raytheon software engineer got a chirpy reminder from his Outlook calendar that at 9:30 a.m. it was time to “Check Drop Box,” a special place in the company’s computer ether where Raytheon employees filed secret plans, memos and letters.
The morning was probably mixed with a swing by the coffee machine. Maybe he exchanged mind-numbing pleasantries about his weekend with some Dockers-clad cohort.
Then, he would regularly steal company secrets and send them to a Raytheon competitor before it was time for a proper coffee break.
Federal investigators say Colle was acting as a sort of corporate double agent — Dilbert meets James Bond. He snatched documents from Raytheon and gave them to Paragon Dynamics. Raytheon eventually sniffed out the scheme, and federal prosecutors brought the hammer down on Paragon and Colle last fall. The company paid a $1.5 million penalty, and Colle forked over $60,000 for his work as a mole.
Experts say corporate espionage cases like this one aren’t necessarily on the rise. But in boardrooms around the country, business leaders are slowly realizing the risks that corporate spies pose to their bottom line.
“This happens more often than corporations would be willing to admit. In many instances it’s pushed under the rug, cited as employee malfeasance or strictly an employee violating restrictive covenants, as opposed to a more nefarious act,” said Jarrett Kolthoff, president and CEO of SpearTip Cyber Counter Intelligence. The Missouri-based firm consults with businesses about how to protect their secrets.
Kolthoff, who worked in counterintelligence for the U.S. Army before launching SpearTip, said espionage cases run the gamut. In some, companies will plant an employee inside a competitor’s ranks so they can poach vital secrets. Often that means copying data and walking out with it on a thumb drive, or simple paper copies.
“Unfortunately it’s pretty easy to steal corporate information. And I think that’s simply the result of American openness or trust,” he said. In other cases the spying takes on a more high-tech form, with companies hacking into a competitor’s computer systems, and siphoning secrets.
Colle and Paragon’s ordeal started in February 2008. At that point, Colle had been with Paragon for about a decade and had moved steadily up the company’s ranks to director of software engineering. He was also a senior project manager at the firm, according to his resume. The company assigned Colle to work on a project with Raytheon, one of the biggest defense contractors in the country and Aurora’s third-largest private employer.
For Colle, the partnership with Raytheon seemed a natural fit. Before he came to Paragon in 1998, the Navy veteran spent two years as a Raytheon employee, working as a senior systems engineer, after a brief stay at Hughes Aircraft.
The job with Raytheon meant Colle had access to the company’s Aurora offices near Buckley Air Force Base, and access to that digital drop box. Federal prosecutors say the box was filled with important documents, and it wasn’t as if people reading those documents didn’t know how crucial the materials were. The documents were marked: “Proprietary,” “Company Most Private” and “Source Selection.” All they lacked was a bright red “Top Secret” stamp.
Among those documents were Raytheon’s plans for two projects with the National Reconnaissance Office, a Department of Defense agency that runs the space-aged surveillance satellites, which enable much of the work at Buckley. One project was named Antietam, the other Savannah.
Exactly what Antietam and Savannah involved is unclear. The NRO has been tight-lipped about the projects, and a spokesperson at the agency’s headquarters in northern Virginia didn’t respond to several calls.
In a statement last year, Eric Beatty, a lawyer for NRO, said the agency took this case particularly seriously.
“The NRO remains committed to maintaining a business environment that promotes fair competition. Our success is a direct result of our partnerships with law enforcement agencies, and to those in government and industry who are willing to report wrongdoing,” he said.
Whatever Antietam and Savannah were, Raytheon wasn’t the only company that wanted them. Paragon wanted them, too. In March 2009, Paragon teamed with another company to try and score the Antietam project. Federal prosecutors have declined to name the third company involved and said they did nothing wrong.
At Paragon’s behest, Colle used his access at Raytheon to snoop on that company’s plans. In July 2009, Colle poked around that drop box and found some vital details about Raytheon’s plans, including a letter from the company’s CEO that was going to be included in their proposal. He sent the letter and other documents to Paragon and that third company. Investigators also found private Raytheon materials on his computer.
The case is an odd mashup of high-stakes spy saga and mundane office drama. With all the high-level data and space-aged technology involved, Colle’s tools of the trade were far from high tech. He used Outlook to set a reminder. And rather than smuggle the papers out in a concealed pocket like a KGB operative, or stash electronic copies on a hidden flash drive, he strolled to the fax machine and hit “send.”
That nonchalance may have been Colle’s downfall. Raytheon cameras recorded him sending the fax, and the videotaped evidence likely would have been used at trial had Colle opted to push it that far. Instead, with the help of a high-priced Denver lawyer who specializes in white-collar crime, he copped a plea with prosecutors and agreed to the hefty financial penalty.
He left Paragon in fall 2009, a short time after Raytheon uncovered his treachery, and he later scored a job with another high-tech firm. Colle and his lawyer did not respond to requests for comment; neither did a Raytheon spokesman.
Federal prosecutors say Colle’s spying violated the Procurement Integrity Act, a law passed in the 1980s after allegations of insider trading on government contracts. Specifically, the law bans obtaining or disclosing various types of contractor bid and proposal information, according to the U.S. Attorney’s Office in Denver, which prosecuted the case.
“When contractors compete to win a government contract, they have to play by the rules,” U.S. Attorney John Walsh said. “If they attempt to cheat in that process, through corporate espionage or other methods, the Department of Justice will hold them accountable with stiff penalties.”