The High-Tech Espionage Threat

Tuesday, July 3, 2012 @ 03:07 PM gHale


U.S. companies lost $13 billion through economic espionage in the current fiscal year, the FBI said.

Not only that, but as the FBI’s economic espionage caseload grows, so is the percentage of cases attributed to an insider threat, meaning that, individuals currently (or formerly) trusted as employees and contractors are a growing part of the problem. Those were the observations made by the FBI to a House Committee on Homeland Security, Subcommittee on Counterterrorism and Intelligence hearing.

RELATED STORIES
Lulzsec Members Plead Guilty
Indicted: Access to Supercomputers
British Hackers Face Jail Time
Jail Time for Ex-Intel Worker

FBI Assistant Director, Counterintelligence Division Frank Figliuzzi discussed a February 2012 indictment, where several former employees with more than 70 combined years of service to the company were convinced to sell trade secrets to a competitor in the People’s Republic of China (PRC).

“Entities owned by the PRC government sought information on the production of titanium dioxide, a white pigment used to color paper, plastics, and paint. The PRC government tried for years to compete with DuPont Corporation, which holds the largest share of a $12 billion annual market in titanium dioxide. Five individuals and five companies were commissioned by these PRC state-owned enterprises collaborate in an effort to take DuPont’s technology to the PRC and build competing titanium dioxide plants, which would undercut DuPont revenues and business. Thus far, three co-conspirators have been arrested and one additional co-conspirator has pled guilty in federal court. This case is one of the largest economic espionage cases in FBI history,” Figliuzzi said.

“The theft of U.S. proprietary technology, including controlled dual-use technology and military grade equipment, from unwitting U.S. companies is one of the most dangerous threats to national security,” said John Woods, assistant director of national security investigations at U.S. Immigration and Customs Enforcement.

The insider threat is not new, but it’s becoming more prevalent for a host of reasons, Figliuzzi said, including:
• Employee financial hardships during economic difficulties;
• Global economic crisis facing foreign nations, making it even more attractive, cost-effective, and worth the risk to steal technology rather than invest in research and development;
• Ease of stealing anything stored electronically, especially when one has legitimate access to it; and
• Increasing exposure to foreign intelligence services presented by the reality of global business, joint ventures, and the growing international footprint of American firms.

Figliuzzi said another grave threat to national security is the illegal transfer of U.S. technology.

“The FBI is seeing an expansion of weapons proliferation cases involving U.S. acquired components. These are components exported from American companies, initially headed to someplace they’re allowed to be, but ultimately destined for someplace they should never be,” he said.

The FBI’s Counterproliferation Center (CPC), which identifies and disrupts networks of weapons of mass destruction (WMD) activity, is responsible for pursuing cases of illegal technology transfer, whether the technology is for WMDs or other uses. The CPC has tripled its disruptions of illegal transfers of technology since FY 2011.

“We have made more than a dozen arrests since the CPC’s inception in July 2011, including the arrests of multiple subjects on the Central Intelligence Agency’s Top Ten Proliferators List,” Figliuzzi said.

The magnitude of the threat ends up compounded by the ever-increasing sophistication of cyber-attack techniques, such as attacks that may combine multiple techniques. Using these techniques, cyber thieves may target individuals and businesses, resulting in, among other things, loss of sensitive personal or proprietary information.

“These concerns are highlighted by reports of cyber incidents that have had serious effects on consumers and businesses,” said Gregory Wilshusen, director, Information Security Issues for the Government Accountability Office. “These include the compromise of individuals’ sensitive personal data such as credit- and debit-card information and the theft of businesses’ IP and other proprietary information. While difficult to quantify monetarily, the loss of such information can result in identity theft; lower-quality counterfeit goods; lost sales or brand value to businesses; and lower overall economic growth and declining international trade,” he said.



Leave a Reply

You must be logged in to post a comment.