From Wikipedia, the free encyclopedia
Teapot
with Actresses, Vezzi porcelain factory, Venice, c. 1725. The Vezzi
brothers were involved in a series of incidents of industrial espionage.
It was these actions that led to the secret of manufacturing Meissen porcelain becoming widely known.
Industrial espionage,
economic espionage,
corporate spying or
corporate espionage is a form of
espionage conducted for
commercial purposes instead of purely
national security.
While economic espionage is conducted or orchestrated by governments
and is international in scope, industrial or corporate espionage is more
often national and occurs between companies or corporations.
Competitive intelligence and economic or industrial espionage
"
Competitive intelligence"
involves the legal and ethical activity of systematically gathering,
analyzing and managing information on industrial competitors.
It may include activities such as examining newspaper articles,
corporate publications, websites, patent filings, specialised databases,
information at trade shows and the like to determine information on a
corporation. The compilation of these crucial elements is sometimes termed CIS or CRS, a
Competitive Intelligence Solution or
Competitive Response Solution, with its roots in
market research.
Douglas Bernhardt has characterised "competitive intelligence" as
involving "the application of principles and practices from military and
national intelligence to the domain of global business"; it is the commercial equivalent of
open-source intelligence.
The difference between competitive intelligence and economic or
industrial espionage is not clear; one needs to understand the legal
basics to recognize how to draw the line between the two.
Forms of economic and industrial espionage
Economic
or industrial espionage takes place in two main forms. In short, the
purpose of espionage is to gather knowledge about (an) organization(s).
It may include the acquisition of
intellectual property,
such as information on industrial manufacture, ideas, techniques and
processes, recipes and formulas. Or it could include sequestration of
proprietary or operational information, such as that on customer
datasets, pricing, sales, marketing, research and development, policies,
prospective bids, planning or marketing strategies or the changing
compositions and locations of production. It may describe activities such as theft of
trade secrets,
bribery,
blackmail
and technological surveillance. As well as orchestrating espionage on
commercial organizations, governments can also be targets — for example,
to determine the terms of a tender for a government contract.
Target industries
During testing, automakers commonly disguise upcoming car models with camouflage
paint patterns designed to obfuscate the vehicle's lines. Padded
covers, or deceptive decals are also often used. This is also to prevent
Motoring Media-outlets from spoiling the model's big reveal.
Economic and industrial espionage is most commonly associated with
technology-heavy industries, including computer software and hardware,
biotechnology,
aerospace,
telecommunications, transportation and engine technology,
automobiles,
machine tools,
energy,
materials and
coatings and so on.
Silicon Valley
is known to be one of the world's most targeted areas for espionage,
though any industry with information of use to competitors may be a
target.
Information theft and sabotage
Information can make the difference between success and failure; if a
trade secret
is stolen, the competitive playing field is leveled or even tipped in
favor of a competitor.
Although a lot of information-gathering is accomplished legally through
competitive intelligence, at times corporations feel the best way to get
information is to take it. Economic or industrial espionage is a threat to any business whose livelihood depends on information.
In recent years, economic or industrial espionage has taken on an
expanded definition. For instance, attempts to sabotage a corporation
may be considered industrial espionage; in this sense, the term takes on
the wider connotations of its parent word. That espionage and
sabotage
(corporate or otherwise) have become more clearly associated with each
other is also demonstrated by a number of profiling studies, some
government, some corporate. The United States government currently has a
polygraph examination entitled the "Test of Espionage and Sabotage"
(TES), contributing to the notion of the interrelationship between
espionage and sabotage countermeasures.
In practice, particularly by "trusted insiders", they are generally
considered functionally identical for the purpose of informing
countermeasures.
Agents and the process of collection
Economic
or industrial espionage commonly occurs in one of two ways. Firstly, a
dissatisfied employee appropriates information to advance interests or
to damage the company. Secondly, a competitor or foreign government
seeks information to advance its own technological or financial
interest. "
Moles", or trusted insiders, are generally considered the best sources for economic or industrial espionage.
Historically known as a "patsy", an insider can be induced, willingly
or under duress, to provide information. A patsy may be initially asked
to hand over inconsequential information and, once compromised by
committing a crime, bribed into handing over more sensitive material. Individuals may leave one company to take up employment with another and take sensitive information with them. Such apparent behavior has been the focus of numerous industrial espionage cases that have resulted in legal battles. Some countries hire individuals to do spying rather than use of their own intelligence agencies. Academics, business delegates, and students are often thought to be used by governments in gathering information. Some countries, such as Japan, have been reported to expect students be debriefed on returning home. A spy may follow a guided tour of a factory and then get "lost".
A spy could be an engineer, a maintenance man, a cleaner, an insurance
salesman, or an inspector: anyone who has legitimate access to the
premises.
A spy may break into the premises to steal data and may search through waste paper and refuse, known as "dumpster diving".
Information may be compromised via unsolicited requests for
information, marketing surveys or use of technical support or research
or software facilities. Outsourced industrial producers may ask for
information outside the agreed-upon contract.
Computers have facilitated the process of collecting information
because of the ease of access to large amounts of information through
physical contact or the Internet.
Use of computers and the Internet
Personal computers
Computers
have become key in exercising industrial espionage due to the enormous
amount of information they contain and its ease of being copied and
transmitted. The use of computers for espionage increased rapidly in the
1990s. Information has been commonly stolen by being copied from
unattended computers in offices, those gaining unsupervised access doing
so through subsidiary jobs, such as cleaners or repairmen.
Laptops
were, and still are, a prime target, with those traveling abroad on
business being warned not to leave them for any period of time.
Perpetrators of espionage have been known to find many ways of conning
unsuspecting individuals into parting, often only temporarily, from
their possessions, enabling others to access and steal information.
A "bag-op" refers to the use of hotel staff to access data, such as
through laptops, in hotel rooms. Information may be stolen in transit,
in
taxis, at airport baggage counters,
baggage carousels, on
trains and so on.
The Internet
The
rise of the internet and computer networks has expanded the range and
detail of information available and the ease of access for the purpose
of industrial espionage. Worldwide, around 50,000 companies a day are thought to come under
cyberattack with the rate estimated as doubling each year.
This type of operation is generally identified as state backed or
sponsored, because the "access to personal, financial or analytic
resources" identified exceed that which could be accessed by
cybercriminals or individual hackers. Sensitive military or defense
engineering or other industrial information may not have immediate
monetary value to criminals, compared with, say, bank details. Analysis
of cyberattacks suggests deep knowledge of networks, with targeted
attacks, obtained by numerous individuals operating in a sustained
organized way.
Opportunities for sabotage
The
rising use of the internet has also extended opportunities for
industrial espionage with the aim of sabotage. In the early 2000s, it
was noticed that energy companies were increasingly coming under attack
from hackers. Energy power systems, doing jobs like monitoring power
grids or water flow, once isolated from the other computer networks,
were now being connected to the internet, leaving them more vulnerable,
having historically few built-in security features.
The use of these methods of industrial espionage have increasingly
become a concern for governments, due to potential attacks by terrorist
groups or hostile foreign governments.
Malware
One of the means of perpetrators conducting industrial espionage is by exploiting vulnerabilities in computer software.
Malware and
spyware
as "a tool for industrial espionage", in "transmitting digital copies
of trade secrets, customer plans, future plans and contacts". Newer
forms of malware include devices which surreptitiously switch on mobile
phones camera and recording devices. In attempts to tackle such attacks
on their intellectual property, companies are increasingly keeping
important information off network, leaving an "air gap", with some
companies building "Faraday cages" to shield from electromagnetic or
cellphone transmissions.
Distributed denial of service (DDoS) attack
The
distributed denial of service
(DDoS) attack uses compromised computer systems to orchestrate a flood
of requests on the target system, causing it to shut down and deny
service to other users.
It could potentially be used for economic or industrial espionage with
the purpose of sabotage. This method was allegedly utilized by Russian
secret services, over a period of two weeks on a
cyberattack on Estonia in May 2007, in response to the removal of a Soviet era war memorial.
History
Origins
Historical accounts have been written of industrial espionage between
Britain and
France.
Attributed to Britain's emergence as an "industrial creditor", the
second decade of the 18th century saw the emergence of a large-scale
state-sponsored effort to surreptitiously take British industrial
technology to France. Witnesses confirmed both the inveigling of tradespersons abroad and the placing of apprentices in England. Protests by those such as iron workers in
Sheffield and steel workers in
Newcastle,
about skilled industrial workers being enticed abroad, led to the first
English legislation aimed at preventing this method of economic and
industrial espionage.
The 20th century
East-West commercial development opportunities after World War I saw a rise in
Soviet interest in American and European manufacturing know-how, exploited by
Amtorg Corporation. Later, with Western restrictions on the export of items thought likely to increase military capabilities to the
USSR, Soviet industrial espionage was a well known adjunct to other spying activities up until the 1980s.
BYTE
reported in April 1984, for example, that although the Soviets sought
to develop their own microelectronics, their technology appeared to be
several years behind the West's. Soviet CPUs required multiple chips and
appeared to be close or exact copies of American products such as the
Intel 3000 and
DEC LSI-11/2.
"Operation Brunnhilde"
Some of these activities were directed via the
East German Stasi
(Ministry for State Security). One such operation, "Operation
Brunnhilde," operated from the mid-1950s until early 1966 and made use
of spies from many
Communist Bloc countries. Through at least 20 forays, many western European industrial secrets were compromised. One member of the "Brunnhilde" ring was a
Swiss chemical engineer, Dr. Jean Paul Soupert (also known as "Air Bubble"), living in
Brussels. He was described by
Peter Wright in
Spycatcher as having been "doubled" by the
Belgian Sûreté de l'État.
He revealed information about industrial espionage conducted by the
ring, including the fact that Russian agents had obtained details of
Concorde's advanced electronics system. He testified against two
Kodak
employees, living and working in Britain, during a trial in which they
were accused of passing information on industrial processes to him,
though they were eventually acquitted.
Soviet spetsinformatsiya system
A secret report from the
Military-Industrial Commission of the USSR (VPK), from 1979–80, detailed how
spetsinformatsiya (
Russian:
специнформация i.e. "special records") could be utilised in twelve different military industrial areas. Writing in the
Bulletin of the Atomic Scientists, Philip Hanson detailed a
spetsinformatsiya
system in which 12 industrial branch ministries formulated requests for
information to aid technological development in their military
programs. Acquisition plans were described as operating on 2 year and 5
year cycles with about 3000 tasks under way each year. Efforts were
aimed at civilian as well as military industrial targets, such as in the
petrochemical industries.
Some information was garnered so as to compare levels of competitor to
Soviet technological advancement. Much unclassified information was also
gathered, blurring the boundary with "competitive intelligence".
The
Soviet military
was recognised as making much better use of acquired information,
compared to civilian industry, where their record in replicating and
developing industrial technology was poor.
The legacy of Cold War espionage
Following the demise of the Soviet Union and the end of the
Cold War, commentators, including the
US Congressional
Intelligence Committee, noted a redirection amongst the espionage
community from military to industrial targets, with Western and former
communist countries making use of "underemployed" spies and expanding
programs directed at stealing such information.
Notable cases
France and the United States
Between 1987 and 1989,
IBM and
Texas Instruments were thought to have been targeted by French spies with the intention of helping France's
Groupe Bull. In 1993, U.S. aerospace companies were also thought to have been targeted by French interests.
During the early 1990s, France was described as one of the most
aggressive pursuers of espionage to garner foreign industrial and
technological secrets. France accused the U.S. of attempting to sabotage its high tech industrial base.
The government of France has been alleged to have conducted ongoing
industrial espionage against American aerodynamics and satellite
companies.
Volkswagen
In 1993, car manufacturer
Opel, the German division of
General Motors, accused
Volkswagen of industrial espionage after Opel's chief of production, Jose Ignacio Lopez, and seven other executives moved to Volkswagen. Volkswagen subsequently threatened to sue for defamation, resulting in a four-year legal battle.
The case, which was finally settled in 1997, resulted in one of the
largest settlements in the history of industrial espionage, with
Volkswagen agreeing to pay General Motors $100 million and to buy at
least $1 billion of car parts from the company over 7 years, although it
did not explicitly apologize for Lopez's behavior.
Hilton and Starwood
In April 2009 the US based
hospitality company Starwood accused its rival
Hilton of a "massive" case of industrial espionage. After being purchased by
private equity group
Blackstone, Hilton employed 10 managers and executives from Starwood. Under intense pressure to improve profits,
Starwood accused Hilton of stealing corporate information relating to
its luxury brand concepts, used in setting up its own Denizen hotels.
Specifically, former head of its
luxury brands group, Ron Klein, was accused of downloading "truckloads of documents" from a laptop to his personal email account.
GhostNet
GhostNet was a "vast surveillance system" reported by Canadian researchers based at the
University of Toronto
in March 2009. Using targeted emails it compromised thousands of
computers in governmental organisations, enabling attackers to scan for
information and transfer this back to a "digital storage facility in
China."
Google and Operation Aurora
On 13 January 2010,
Google
announced that operators, from within China, had hacked into their
Google China operation, stealing intellectual property and, in
particular, accessing the email accounts of human rights activists. The attack was thought to have been part of a more widespread cyber attack on companies within China which has become known as
Operation Aurora. Intruders were thought to have launched a
zero-day attack, exploiting a weakness in the
Microsoft Internet Explorer browser, the malware used being a modification of the
trojan "Hydraq".
Concerned about the possibility of hackers taking advantage of this
previously unknown weakness in Internet Explorer, the governments of
Germany and, subsequently France, issued warnings not to use the
browser.
There was speculation that "insiders" had been involved in the
attack, with some Google China employees being denied access to the
company's internal networks after the company's announcement. In February 2010, computer experts from the U.S.
National Security Agency
claimed that the attacks on Google probably originated from two Chinese
universities associated with expertise in computer science,
Shanghai Jiao Tong University and the
Shandong Lanxiang Vocational School, the latter having close links to the
Chinese military.
Google claimed at least 20 other companies had also been targeted in the cyber attack, said by the
London Times,
to have been part of an "ambitious and sophisticated attempt to steal
secrets from unwitting corporate victims" including "defence
contractors, finance and technology companies".
Rather than being the work of individuals or organised criminals, the
level of sophistication of the attack was thought to have been "more
typical of a nation state".
Some commentators speculated as to whether the attack was part of what
is thought to be a concerted Chinese industrial espionage operation
aimed at getting "high-tech information to jump-start China's economy".
Critics pointed to what was alleged to be a lax attitude to the
intellectual property of foreign businesses in China, letting them
operate but then seeking to copy or
reverse engineer their technology for the benefit of Chinese "national champions".
In Google's case, they may have (also) been concerned about the
possible misappropriation of source code or other technology for the
benefit of Chinese rival
Baidu.
In March 2010 Google subsequently decided to cease offering censored
results in China, leading to the closing of its Chinese operation.
CyberSitter and Green Dam
The US based firm
CyberSitter
announced in January 2010 that it was suing the Chinese government, and
other US companies, for stealing its anti pornography software, with
the accusation that it had been incorporated into China's
Green Dam
program, which was used by the state to censor children's internet
access. CyberSitter accused Green Dam creators of copying around 3000
lines of code. They were described as having done 'a sloppy job of
copying,' with some lines of the copied code continuing to direct people
to the CyberSitter website. The
attorney acting for CyberSitter maintained "I don't think I have ever seen such clear-cut stealing".
USA v. Lan Lee, et al.
The United States charged two former
NetLogic
Inc. engineers, Lan Lee and Yuefei Ge, of committing economic espionage
against TSMC and NetLogic, Inc. A jury acquitted the defendants of the
charges with regard to TSMC and deadlocked on the charges with regard to
NetLogic. In May 2010, a federal judge dismissed all the espionage
charges against the two defendants. The judge ruled that the U.S.
government presented no evidence of espionage.
Dongxiao Yue and Chordiant Software, Inc.
In May 2010, the federal jury convicted
Chordiant
Software, Inc., a U.S. corporation, of stealing Dongxiao Yue's JRPC
technologies and used them in a product called Chordiant Marketing
Director. Yue previously filed lawsuits against
Symantec Corporation for a similar theft.
Concerns of national governments
Brazil
Revelations
from the Snowden documents have provided information to the effect that
the United States, notably vis-à-vis the NSA, has been conducting
aggressive economic espionage against
Brazil. Canadian intelligence has apparently supported U.S. economic espionage efforts.
United States
A recent report to the US government, by aerospace and defense company
Northrop Grumman, describes Chinese economic espionage as comprising "the single greatest threat to U.S. technology". Blogging on
the 2009 cyber attack on Google, Joe Stewart of
Secureworks
referred to a "persistent campaign of 'espionage-by-malware' emanating
from the People’s Republic of China (PRC)" with both corporate and state
secrets being "Shanghaied" over the past 5 or 6 years.
The Northrop Grumann report states that the collection of US defense
engineering data through cyberattack is regarded as having "saved the
recipient of the information years of R&D and significant amounts of
funding".
Concerns about the extent of cyberattacks on the US emanating from
China has led to the situation being described as the dawn of a "new
cold cyberwar". In response to these and other reports,
Amitai Etzioni
of the Institute for Communitarian Policy Studies has suggested that
China and the United States should agree to a policy of mutually assured
restraint with respect to cyberspace. This would involve allowing both
states to take the measures they deem necessary for their self-defense
while simultaneously agreeing to refrain from taking offensive steps; it
would also entail vetting these commitments.
United Kingdom
In December 2007, it was revealed that Jonathan Evans, head of the
United Kingdom's
MI5,
had sent out confidential letters to 300 chief executives and security
chiefs at the country's banks, accountants and legal firms warning of
attacks from Chinese 'state organisations'.
A summary was also posted on the secure website of the Centre for the
Protection of the National Infrastructure, accessed by some of the
nation's 'critical infrastructure' companies, including 'telecoms firms,
banks and water and electricity companies'. One security expert warned about the use of 'custom
trojans,' software specifically designed to hack into a particular firm and feed back data.
Whilst China was identified as the country most active in the use of
internet spying, up to 120 other countries were said to be using similar
techniques.
The Chinese government responded to UK accusations of economic
espionage by saying that the report of such activities was 'slanderous'
and that the government opposed hacking which is prohibited by law.
Germany
German
counter-intelligence experts have maintained the German economy is
losing around €53 billion or the equivalent of 30,000 jobs to economic
espionage yearly.
In
Operation Eikonal German
BND agents received "selector lists" from the
NSA
– search terms for their dragnet surveillance. They contain IP
addresses, mobile phone numbers and email accounts with the BND
surveillance system containing hundreds of thousands and possibly more
than a million such targets. These lists have been subject of controversy as in 2008 it was revealed that they contained some terms targeting the
European Aeronautic Defence and Space Company (EADS), the
Eurocopter project as well as French administration, which were first noticed by BND employees in 2005.
After the revelations made by whistleblower Edward Snowden the BND
decided to investigate the issue whose October 2013 conclusion was that
at least 2,000 of these selectors were aimed at Western European or even
German interests which has been a violation of the Memorandum of
Agreement that the US and Germany signed in 2002 in the wake of the
9/11 terror attacks. After reports emerged in 2014 that EADS and Eurocopter had been surveillance targets the
Left Party and the
Greens filed an official request to obtain evidence of the violations.
The BND's project group charged with supporting the
NSA investigative committee in German parliament
set up in spring 2014, reviewed the selectors and discovered 40,000
suspicious search parameters, including espionage targets in Western
European governments and numerous companies. The group also confirmed
suspicions that the NSA had systematically violated German interests and
concluded that the Americans could have perpetrated
economic espionage directly under the Germans' noses.
The investigative parliamentary committee was not granted access to the
NSA's selectors list as an appeal led by opposition politicians failed
at Germany's top court. Instead the ruling coalition appointed an
administrative judge,
Kurt Graulich [de],
as a "person of trust" who was granted access to the list and briefed
the investigative commission on its contents after analyzing the 40,000
parameters. In his almost 300-paged report
Graulich concluded that European government agencies were targeted
massively and that Americans hence broke contractual agreements. He also
found that German targets which received special protection from
surveillance of domestic intelligence agencies by
Germany's Basic Law (Grundgesetz) − including numerous enterprises based in Germany – were featured in the NSA's wishlist in a surprising plenitude.