4 minute read
SPYCRAFT & BUSINESS INTELLIGENCE
By Dean Boerger, Private Investigator, Boerger Investigative Services, LLC
BUSINESS IS WAR!
The White House estimates that the US Economy loses 100 Billion a year as a result of industrial espionage and theft of proprietary information.
Information and knowledge about the business environment and competitors can be the difference between success and failure. What are specific reasons why a company and/or foreign nation may need this information and knowledge?
Companies and/or foreign nations try to obtain trade secrets to gain a competitive advantage or gain a greater market share. Companies and/or foreign nations may use information and intelligence to negatively influence the reputation or public perception of a company.
LEGAL VERSUS ILLEGAL METHODS. Companies and/or foreign nations may use legal and/or illegal methods to obtain information. Business or economic intelligence refers to legal methods. Corporate, industrial, or economic espionage refers to illegal methods.
What companies are at risk for corporate, industrial, or economic espionage?
EVERY COMPANY However, larger and more successful firms that have considerable investments in Research and Development (R & D) are at higher risk.
ESPIONAGE AGENTS Categories of agents, infiltrators, or hackers include: Insiders: Employees or persons who have legitimate reason to access facilities, networks, or data. Outsiders: Spies or agents from outside the company.
What people are the most likely to become agents? Why might they become agents? Companies must be particularly aware of defectors, former employees, and disgruntled employees. Money, revenge, and/ or ego fuel both outsiders and insiders. METHODS OF ESPIONAGE
What are some ways an unauthorized person or group could obtain trade secrets or protected information of a company? Can you think of any recent or monumental examples? What are some signs that show you and/or your company had information compromised?
HACKING. Exploiting a computer system or network to gain unauthorized access to information. Considered one of the top methods and is rapidly increasing in popularity.
SOCIAL ENGINEERING. The tricking of a person into revealing their password or other valuable corporate information. • Shoulder Surfing • Password Guessing • Pretending to be someone else like maintenance, someone new, someone from another office out of town, etc.
AUDIO DEVICES Use of bugging, telephone tapping, and other methods to obtain information Examples of Audio Operations performed by professionals: • Trojan Horse • Quick Plant • Drilling Operations
OTHER METHODS • Dumper Diving/Garbage Pull • Use of Double Agents • Surveillance
PREVENTING AND COUNTERING CORPORATE ESPIONAGE. Use of Corporate Intelligence. Monitor competitors closely to analyze their actions and determine if they may have access to or utilized another company’s trade secrets. Utilize intelligence to anticipate and stay ahead of the competitor’s actions and market fluctuations.
IDENTIFYING THREATS AND RISKS Conduct a risk assessment to: Identify and determine the worth of trade secrets and other valuable corporate information. Determine potential adversaries, threats, and possible attacks. Detect security vulnerabilities and then minimize them. Update and further develop both security policies and an incident response plan.
SECURITY PROCEDURES Control access to data and facilities on a need-to-know basis. Implement physical security systems and standards that are rigorous and deter intrusion. Secure company network and computer infrastructure through a multi-layered approach. EMPLOYEES Conduct thorough background checks. Educate employees on the security policies and procedures. Monitor employee behavior and activity through audits, software, and checkups. Create a proper termination procedure that requires the immediate return of property and ending of access to company resources.
OTHER MEASURES. Properly dispose of trash and materials. Require visitors to be always escorted and workers to be strict about social engineering prevention measures. If you believe you are being bugged or tapped, avoid the vulnerable areas or items and consult a professional TSCM technician. (Boerger Investigative Services, LLC) SECURITY CONTROLS IN PLACE:
Avago NDA requirements Annual training in confidentiality Physical restrictions (badge access) Security cameras Username/Password requirements Shared drive access restrictions
Login banners Confidential labels Project code names Restrictions on Data presented externally CASE STUDY
“In May of 2015, two employees were accused of stealing trade secrets from two U.S tech companies named Avago and Skyworks. The attackers collaborated for years on how to obtain the data needed to stand up their own company in China to compete in the billion dollars a year business.
Avago is a leading designer of analog, digital and mixed signal and optoelectronics components and subsystems in the semiconductor space. Their products are used in many cells phones globally. Skyworks Solutions was an innovator of high performance analog semiconductors.
The insiders received their Masters and PhD in 2006 from the University of Southern California where they were classmates, before going to work each at their respective companies for the next 3 years. Avago had spent some 50 million (USD) on R&D over a 20 year time period, investing in up to 14 technology solutions. Skyworks had up to 9 technology solutions, of which some had been sold to Avago in previous years.
The insiders applied a low and slow method of data exfiltration, slowly extracting data over the course of several years…” They extracted many trade secrets including recipes and product designs, project plans, testing reports, performance data, and much more.
Skyworks Physical restrictions (Badge access) Login banners Username / Password requirements Folder level permission Restricted VPN access IP training / NDA requirements Exit interviews
