Think cyber-espionage is a victimless crime?
And think how quickly the US competitiveness gap (i.e., our advantage) will shrink if the current rate of intellectual property theft continues apace.
CyberSecurity: it’s not just for breakfast anymore. Learn it, do it, preach it.
Article by Joshua Philipp in Epoch Times.
Emphasis in red added by me.
Brian Wood, VP Marketing
The Staggering Cost of Economic Espionage Against the US
The United States has known for sometime that it has been victimized by economic espionage mounted by other countries, especially China and Russia. According to a counterintelligence expert hired by companies to help them counter this threat, the toll for these crimes is far, far higher than what has been officially reported.
Economic espionage represents “the greatest transfer of wealth in history,” said General Keith Alexander, NSA director and commander of U.S. Cyber Command, at the American Enterprise Institute in 2012.
BlackOps Partners Corporation, which does counterintelligence and protection of trade secrets and competitive advantage for Fortune 500 companies, estimates that $500 billion in raw innovation is stolen from U.S. companies each year. Raw innovation includes trade secrets, research and development, and products that give companies a competitive advantage.
“When this innovation is meant to drive revenue, profit, and jobs for at least 10 years, we are losing the equivalent of $5 trillion out of the U.S. economy every year to economic espionage,” said Casey Fleming, CEO of BlackOps Partners Corporation. “To put it into perspective, the U.S. will take in $1.5 trillion in income taxes and $2.7 trillion in all taxes in 2013.”
Due to the nature of the business, it is often difficult to place solid numbers on the cost of economic espionage. To protect their investors, companies rarely want to announce breaches by spies or hackers to the public, and government agents often find gathering enough evidence to charge an insider with espionage difficult.
BlackOps is in a unique position, however, since working with numerous major companies directly on counterintelligence gives them insider knowledge on corporate losses.
“Every company with trade secrets and competitive advantage is being targeted, secretly and deliberately by both insider and external spies,” Fleming said. “Protecting trade secrets and competitive advantage must be an immediate top priority in all U.S. companies with the highest level of aggressiveness.”
A Murky World
The lack of transparency on economic espionage makes it a difficult problem to tackle.
The FBI estimates that economic espionage costs the U.S. $13 billion a year, yet their numbers are based only on current FBI cases where spies have been caught and charged. It does not include the majority of theft that was not reported, or the scale of breaches that are unknown to the companies.
During his speech, General Alexander said investigations by the FBI and other agencies find that for every company that detects a cyberattack there are 100 others that are unknowingly being hacked.
The Office of the National Counterintelligence Executive, meanwhile, estimated the cost as being between $2 billion and $400 billion in a 2011 report. It states, however, that while the intelligence community has improved its ability to understand the threat of cyberespionage on government systems, “our knowledge of cyber-enabled economic espionage threats to the U.S. private sector remains limited.”
The crux of the issue, it states, is “China and Russia view themselves as strategic competitors of the United States and are the most aggressive collectors of U.S. economic information and technology.”
There are fundamental differences between the approaches of Russia and China. Russian intelligence services “are conducting a range of activities to collect economic information and technology from U.S. targets,” it states. The Chinese, however, “are the world’s most active and persistent perpetrators of economic espionage.”
Researchers used to know the attacks originated in China, but couldn’t pin them directly on the Chinese government. This changed, however, with the Feb. 18 release by the cybersecurity firm Mandiant of the “APT1″ report, which traced economic espionage campaigns back to the Chinese military.
Apart from the evidence for direct links, China regularly finds itself in the spotlight for state-run cyberespionage campaigns through traces on the source of attacks and consideration of the context of what the hackers were after.
There is a robust list of industries that have been targeted by China’s campaign of stealing trade secrets. Espionage campaigns have been mounted to score deals in the global oil trade, to formulas to boost China’s chemical industry, to blueprints for Western technology.
A large, on-going campaign was uncovered in September, where Chinese hackers had been targeting technology companies including Google and Adobe since at least 2009. In March 2012, a former DuPont scientist at the company from 1966 to 2002 pled guilty to providing trade secrets to companies controlled by the Chinese government.
Chinese wind power company Sinovel was charged in June for stealing trade secrets on wind turbines from American Superconductor Corp. (AMSC). After the theft went public, the American company’s stock lost nearly 90 percent of it’s value in less than 9 months and lost more than $1 billion in market value. These are only a few examples of a massive problem.
A Broader Discussion
When President Barack Obama met with Chinese leader Xi Jinping in June, China’s aggressive campaign of economic espionage was expected to be a key topic. The diplomatic agenda was to bring attention to economic espionage and begin addressing it internationally.
Yet, the topic of spying was thrown out the window just prior to the meeting, when former NSA contractor Edward Snowden released information on spying by the NSA.
David Fiddler, a law professor and an expert on economic espionage, said there was a chance the United States could have slowed the rate of global economic espionage, “but Snowden destroyed that.” As the discussion now stands, U.S. is not only back to where it started. Fiddler said “we need to recreate square one to even have this conversation.”
“Right now the idea of trying to have a sort of diplomatic initiative on economic espionage is dead in the water,” he said.
In the meantime, however, the United States can still address economic espionage from a defensive standpoint. This was an ongoing debate in congress where legislation had been in limbo since it impacts how much oversight the government has over U.S. businesses.
Yet, President Obama forced initial regulations through when he issued a cybersecurity executive order on Feb. 13, which among other issues establishes programs to share information between businesses and government on security breaches.
According to Fiddler the discussion around economic espionage should go beyond just statistics on losses for big business. It’s a crime that reduces jobs, drains tax money, and harms innovation, he said.
“You have other countries attempting to free ride on American innovation, and that’s innovation that’s often stimulated or paid for by taxpayer money,” he said.
Nonetheless, U.S. companies are still largely on their own when it comes to defending against economic espionage, and the threat is very real. When the “Economic Espionage Penalty Enhancement Act of 2011″ was passed, former U.S. Senator Herb Kohl said in a press release “As much as 80 percent of the assets of today’s companies are intangible trade secrets.”
Casey Fleming of BlackOps said as things stand, “Senior executives, CEO’s, and Boards of Directors are required to hold the fiduciary line and do whatever is required to protect their competitive advantage and revenue stream during this full-on assault against their companies.”