There is a serious threat emerging in our country. Here is a Case in Point:
On November 5, 2021, Yanjun Xu, deputy director of a foreign intelligence branch of China’s Ministry of State Security, was convicted of conspiring to commit economic espionage and theft of trade secrets.
“This conviction of a card-carrying intelligence officer for economic espionage underscores that trade secret theft is integral to the PRC [People’s Republic of China] government’s plans to modernize its industries,” said Assistant Attorney General Matthew G. Olsen of the Justice Department’s National Security Division.
“But this conviction also serves notice that the United States will not sit by as China, or any other nation-state, attempts to steal instead of researching and developing key technology. Instead, and with the support of our allies, we will continue to investigate, prosecute, and hold accountable those who try to steal the fruits of American ingenuity.”
This is just one of many instances of Chinese espionage, most all of which are a threat to this country.
However, while nation-states such as China and Russia may top the list of threats to intellectual property, many other nations also deserve our attention.
North Korea, Iran, and Cuba, as well as non-state actors such as Lebanese Hizballah, ISIS, and al-Qaeda; transnational criminal organizations; and ideologically motivated entities such as hacktivists, leakers, and public disclosure organizations, also pose significant threats.
In this article we explore this situation in greater detail.
Threats and the goals of counterintelligence?
The Federal Bureau of Investigation is the U.S. government’s lead agency for exposing, preventing, and investigating intelligence activities on U.S. soil. While the details of the FBI’s strategy are classified, the counterintelligence division’s primary goals are to:
- Protect the secrets of the U.S. intelligence community
- Safeguard the nation’s critical assets
- Counter the activities of foreign spies
- Keep weapons of mass destruction from falling into the wrong hands
- Use intelligence to drive the FBI’s investigative efforts to keep threats from becoming a reality
Businesses and organizations may not have weapons of mass destruction to protect, but they do have critical assets that need protection, just as the U.S. government does. Robust counterintelligence programs for businesses have proven effective in shielding sensitive information from unauthorized personnel.
What steps can we take to guard against threats to intellectual property?
The most important step an organization can take is to identify and mark intellectual property.
This may sound elementary, but different departments in an organization often have different definitions of what needs to be protected. For instance, TAL Global, an international risk assessment firm, investigated a case in which a client’s sales manager went to work for a key competitor. Shortly after that, the competitor announced a new product with features and benefits identical to the unannounced product the client was developing.
During our investigation, which included interviews with client personnel from engineering, marketing, human resources, and top management, we learned:
- There are two major trade shows in that industry, one in February and the other in June.
- The engineering department gave a presentation at the February show, which was open to all attendees.
- During that presentation, engineers described the soon-to-be-introduced product, including features and benefits.
At the conclusion of our investigation, it was clear that personnel in the marketing and engineering departments were not aware of the sensitivity of the information they shared. Clear communication of priorities from the executive suite may have prevented this unintentional leaking of trade secrets.
Recognizing Espionage Factors and Behavioral Indicators
As security experts, we have learned over the years that people will spy on their employers for several reasons. Among them are the following:
- Pressing financial needs are often an impetus to illegal activity.
- Employees who feel their employer has wronged them or have issues at work are more likely to spy on their employer.
- Divided loyalty. The employee might feel a strong allegiance to another individual, group, or country.
- Fun, travel, and adventure. Some people picture themselves as the next James or Jane Bond and seek the thrill — and even a little of the danger — of spying.
- Family problems or vulnerabilities. Marital troubles, extramarital affairs, gambling, impending criminal charges — each of these has been shown to be a motivating factor in industrial espionage.
Organizational issues can also result in threats to a company and the theft of intellectual property. These are some of the more common organizational factors leading to industrial espionage:
- Easy access to sensitive information. The individual finds that it is quite easy to acquire sensitive information or assets that can offer a lucrative return.
- No safeguards. Trade secrets, sensitive information, or other proprietary information not labeled and safeguarded, making it easy to spirit out of the organization.
- Few barriers. Lack of physical security and cybersecurity makes it easy to move proprietary or sensitive information or assets out of the organization’s facilities or control.
- Lack of awareness. Employees may not have the appropriate training to properly secure confidential or sensitive information.
In addition, certain employee behaviors should arouse suspicion when it comes to protecting intellectual property. The following behaviors should raise a red flag:
- Employees taking sensitive or proprietary material home without need or authorization
- Employees showing unusual curiosity or interest in sensitive matters outside their scope of employment
- Staffers living beyond their apparent means of support
- Employees with suspicious personal contacts such as with competitors or others who would benefit from knowing the organization’s secrets
Fortunately, there are steps employers can take to prevent intellectual theft. Many times, to ensure these steps are in place, employers need to work with a professional security and risk assessment organization such as TAL Global. As referenced earlier, we have experience dealing with these situations, and most important, with ways to prevent them. However, some steps that employers can take now include the following:
- Regularly train employees on proper security protocols and procedures.
- Ensure that employees and contractors sign security agreements, nondisclosure agreements (NDAs), and acknowledgments.
- Use screening processes to select employees.
- Provide simple yet clear instructions for employees and contractors as to what to report, how to report it, and to whom intellectual theft concerns should be reported. These instructions should underscore that this information is being kept confidential.
- Routinely monitor computers and networks. Ensure that employees are aware that the organization can monitor its networks and is doing so for their protection and to protect the company’s assets.
Industrial espionage, particularly by foreign powers, is a growing concern. Stopping it requires everyone to understand their role in protecting themselves and their organization’s sensitive and proprietary information and assets. A few basic measures, combined with the help of experts, will provide organizations with not just peace of mind but real security.
Lawrence D Dietz is part of the TAL Global team. He is an attorney, cybersecurity professional and instructor for Monterey College of Law and American Military University. He retired as a Colonel in the U.S. Army Reserve after a Distinguished military career including service at the NATO Four Star level and US Special Operations Command.
Deitz was also Deputy Commander of NATO SFOR Combined Joint Information Campaign Task Force (Bosnia), PSYOP Group Staff Officer, PSYOP Battalion Commander, and held other military intelligence and Special Operations Forces (PSYOP/CA) Assignments.
His legal expertise includes complex multi-party contract negotiations (many international), NDAs and Law of Armed Combat. His degrees include JD, Master of Strategic Studies from the US Army War College, MBA, JD, and LLM in European Law. Dietz is also a volunteer Public Affairs Officer and Advanced International Humanitarian Law Instructor for the Red Cross. Finally, he is the author of: http://psyopregiment.blogspot.com.