Amgen’s Security Program Born of Experience : Biotechnology: The company thwarted two apparent plans to steal intellectual property. System relies on alert, loyal employees as well as technology.

THOUSAND OAKS — Amgen Inc., the nation’s largest biotechnology company, spends hundreds of thousands of dollars a year on guards, cameras, computer systems and other means of protecting its so-called intellectual property.

But a planned theft last year of some of Amgen’s most carefully guarded secrets might have gone entirely unnoticed were it not for a plain, unsigned letter that turned up in the company’s mailroom.

Thanks to the anonymous tip in that letter, Amgen--along with the FBI and one of Wall Street’s best-known private investigation companies--thwarted an apparent piracy scheme by a low-level employee. The case, Amgen’s second such incident in five years, illustrates high-tech firms’ vulnerability to corporate pirates, especially when the pirates are on the company payroll.

Bill Boni, 40, Amgen’s chief of information security, formerly worked in U.S. Army counterintelligence and spent 1981 in South Korea catching North Korean spies. But even Boni acknowledges that when it comes to guessing the intentions of his 3,200 Amgen co-workers, he is virtually powerless.

If accused CIA spy “Aldrich Ames can betray the trust of his country, what makes you think a corporate employee couldn’t be tempted?” Boni said. “You pick your human vice and gauge the probabilities.”

Like any drug company, Amgen’s success hinges on its ability to develop and market new products before its competitors do. So far, Thousand Oaks-based Amgen has struck gold twice. Its Epogen and Neupogen drugs are widely used by cancer and kidney dialysis patients. On the strength of those two drugs Amgen had sales of $1.37 billion and a profit of $383 million in 1993.

Blueprints for Epogen, which stimulates the production of red blood cells, were stolen in 1988 by an Amgen laboratory researcher who offered to sell the documents to a domestic rival for $200,000. That employee was nabbed in a sting set up by the FBI and served a prison sentence, the FBI said.

Last year, another laboratory researcher hatched a similar scheme. The denouement of this latest incident, as one investigator said, “begins with a letter.”

Unsigned and bearing no return address, the letter warned that a laboratory worker planned to steal company secrets, including vials of cells that might enable an outsider to reproduce Epogen, which for Amgen produced $587 million in revenue last year. The employee, whom Amgen declined to name, also had an apparent accomplice outside the company, a partner in a purported technology export business with contacts overseas, the letter said.

Among the first to examine the letter was Boni, who quickly gathered the standard information most companies keep on its employees: timesheets, expense records, security access reports, etc. When Boni looked at the employee’s phone records, he gulped.

From a phone at his lab station, the employee, an Asian immigrant, had made about 70 calls to a dozen different numbers in his home country within just a few weeks. Worried that the worker was ready to cart Amgen’s secrets off to the pharmaceutical black markets of Asia, Boni turned for help to Kroll Associates, one of Wall Street’s premier private investigation firms.

Through its Hong Kong office, Kroll gathered information on the employee’s calls, learning that he appeared to be shopping Amgen’s technology among potential buyers in his home country, including some with government connections. Neither Kroll nor Amgen would identify the country.

Meanwhile, Kroll’s Los Angeles office placed the Amgen employee under surveillance. He had not made off with any secrets yet, Kroll determined, but agents followed him everywhere, waiting for his first misstep.

Another anonymous letter arrived, apparently from the same source, saying that the employee and his accomplice planned to enter an Amgen lab on the following Sunday evening. When they did, investigators from Amgen, Kroll and the FBI--which was updated throughout the two-week investigation--strolled in to greet them.

“They were pretty shocked, sort of shocked into silence,” said Stephen Vale, head of Kroll’s Los Angeles office, who was among the investigators to confront the duo.

Caught bringing an outsider into a laboratory without permission, and confronted with the phone records, the employee confessed that evening and was fired. No charges were filed because nothing had been stolen, Boni said, and proving conspiracy to steal “would have been touch and go.”

During interviews that evening, investigators learned that the conspirators were woefully unsophisticated, and so underfinanced that they had sneaked onto the Amgen campus that evening not to steal vials of cells, but to make free calls to Asia using Amgen’s phones.

Had they pulled off their caper, the two partners might have made a small fortune for themselves by selling the drug cells, which could be copied and mass-produced through genetic engineering, perhaps in a country with little regard for patent protections.

Increasingly concerned about high-tech piracy, Amgen spends $150,000 a year on desktop computer software, encryption technology for fax machines, voice scramblers for cellular phones and other security devices. In the past two years, the company has purchased $500,000 in software to protect its computer systems from hackers who might tunnel in through computer lines to look at Amgen’s files.

Three years ago, the company even set up its own computer network. Although Amgen is still connected to the Internet--the global computer network--its sensitive data is transmitted across privately leased communication lines that connect its Thousand Oaks systems to Amgen locations in England and Switzerland.

But experience has taught Amgen that not every thief travels the information superhighway. So the company conducts background checks on virtually all of its new hires, a daunting task considering it has grown from 500 employees five years ago to 3,200 today. Boni also lectures new hires on their role in protecting the company’s interests, often recounting the lesson of last year’s theft attempt.

Despite all of Amgen’s high-tech security systems, that lowly lab worker’s scheme might have gone undetected if it weren’t for an ordinary letter, undoubtedly mailed by an alert employee. “Your employees,” Boni said, “are your best line of defense.”