Nation States' Espionage and Counterespionage

[InfoSec News <alerts () infosecnews org>]

http://www2.csoonline.com/exclusives/column.html?CID=33542

By Christopher Burgess
CSOonline.com
Feb. 19, 2008  

Note: Abridged from Overview of the 2007 Global Economic Espionage 
Landscape, which will be published in full at a later date.

Throughout 2007 we have seen numerous governments striking the alarm 
bells and warning all: Protect yourself! The thieves are coming! These 
warnings of nation-state sponsored activities in the realm of industrial 
espionage have truly reached critical levels within the developed world. 
The warnings are applicable to all nations, industrial sectors, and 
companies and not just to those who have stepped forward and accepted 
the political risk of calling out the unsavory activities taking place 
in the market. These pronouncements are quickly followed by a yet 
another government standing up a new or improved counterintelligence or 
counterespionage entity within their domain in order to protect their 
countrys interests in both the public and in the private sector from 
these self-pronounced and empowered nations whose intelligence apparatus 
are targeting the intellectual properties of the worlds corporations.

The playing field is crowded with actors both new and old. Amazingly, 
the combined level of activity exceeds any level previously encountered, 
including the apex of the Cold War, when geopolitical and ideological 
battle lines truly existed but when current level of communications 
infrastructure around the globe did not. It is this enhancemed 
communications infrastructure which has in essence leveled this playing 
field of industrial espionage for all the nation states.

Now, more than eight years since the climax of the Cold War, the threat 
of industrial and economic espionage has percolated once again to the 
forefront. The tools of the intelligence collector are once again being 
brought out and dusted off and put to use as nations make use of what is 
referred to as the second-oldest profession. They are willing to make 
the political decision to support their indigenous corporations and 
companies with the provision of competitors intellectual property the 
old fashion way they will just take it.

In mid-November 2007, the US Department of Justice (DOJ) compiled and 
released a Fact Sheet: Major U.S. Export Enforcement Actions in the Past 
Year which summarized the 33 major cases (October 2006-October 2007) and 
prosecutions of illegal export of US technologies (including those which 
were acquired through espionage activities). Interestingly, the number 
of countries identified totaled ten, with Iran and China each 
responsible for approximately a third of the cases. Equally interesting 
is that none of the cases involving Iran were characterized as 
espionage. Of the four cases which were identified as espionage, all 
four cases identified China as the nation-state sponsor.  And equally 
remarkable is how Russia is conspicuous in their absence and does not 
appear in the Fact Sheet. This is especially noteworthy given Russian 
President Vladimir Putins call to the new head of Russias external 
intelligence service, Sluzhba Vneshny Razvedki (SVR), former Prime 
Minister Mikhail Fradkov in October 2007 to build up the SVRs Economic 
Espionage capabilities.

It is clear, however, that two countries lead the list of those most 
invested in the illicit acquisition of advanced technologies from 
companies, research institutes and enterprises to both advance their own 
economies, as well as provide data points with respect to their own 
national security strategies. Those countries are China and Russia 
numbers one and two.

So how do we go about protecting ourselves as commercial entities? The 
US FBIs Domain Program is focused on protecting those companies with US 
Government contracts. The National Counterintelligence Executive notes 
that classified briefings are provided to such entities. Their comments 
and focus seem to advocate that companies shoulder their own 
counterintelligence needs with respect to protecting themselves from the 
nation-state threat, albeit with the expectation that those enterprises 
involved in classified work with the US Government have a 
counterintelligence function as an integral part of their asset 
protection strategy and be ready and willing to work with the FBI to 
protect their companys assets.

It begs the question, what about the majority of US businesses not 
involved in government work? Perhaps the FBIs Domain program will evolve 
to be the avenue by which individual US companies will be provided the 
necessary data points to protect themselves. But the FBI Domain program 
is a US-centric capability, which does not appear to be modeled in other 
countries.  What is the multinational corporation to do? Will other 
nations follow the FBIs lead?

It is not enough to say to companies, This nation or that nation is a 
threat to you, and Yes, you should tighten up your intellectual property 
security. Nor is it sufficient to warn, that the insider is a threat, 
especially from those who are foreign nationals. How ludicrous is this 
advice? The insider is universally recognized as those closest to that 
which is valued. What multinational company does not have a mix of 
nationalities?

Perhaps more appropriately, governments calling out the warnings, 
jointly or individually find a means to step forward and identify the 
modus operandi of the offending nations, then and only then will 
companies be in a position to recognize the tells of the threatening 
nation and perhaps succeed in protecting themselves. If this should 
occur in 2008, perhaps we wont have such a robust list of Economic 
Espionage events to talk about at the end of the year.

-=-

Christopher Burgess is a 30-year veteran of the CIAs clandestine service 
and currently serves as the Senior Security Advisor to a Fortune 100 
company. Burgess speaks and writes on the topic of the global threat to 
Intellectual Property. He is the co-author of Secrets Stolen, Fortunes 
Lost, both the CSO series and the 2008 book (Elsevier).  Burgess can be 
contacted at his email cburgess (at) att.net.


___________________________________________________      
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn