The Impact Of Economic Espionage

The US National Counterintelligence and Security Center (NCSC) has released its 2018 Foreign Economic Espionage in Cyberspace report, which highlights current threats and future trends in foreign intelligence efforts to steal US intellectual property, trade secrets, and proprietary information via cyberspace.

“Our goal in releasing this document is simple: to provide US industry and the public with the latest unclassified information on foreign efforts to steal US trade secrets through cyberspace,” said William R. Evanina, Director of the NCSC.

“Building an effective response to this tremendous challenge demands understanding economic espionage as a worldwide, multi-vector threat to the integrity of both the US economy and global trade.”

The report underscores the strategic threat of cyber economic espionage, noting that next generation technologies such as Artificial Intelligence and the Internet-of-Things offer great opportunities, but also introduce new vulnerabilities to US networks for which the cybersecurity community largely remains unprepared.

The report also provides insights into the most pervasive nation-state threat actors, including China, Russia and Iran, and recent examples of their economic espionage activities in the United States through cyberspace.

Despite advances in cybersecurity, the report notes that cyber espionage offers such actors a relatively low-cost, high-yield avenue to obtain a wide spectrum of US intellectual property.

The report also identifies those US industrial sectors and technologies that are of greatest interest to foreign threat actors, including energy, biotechnology, defense, environmental protection, high-end manufacturing, and information and communications technology.

In addition, the report highlights several emerging threats that warrant attention, including:

  • Software supply chain infiltration, which has already threatened the US critical infrastructure and is poised to threaten other sectors. According to the report, 2017 represented a watershed year for public reporting of such incidents.
    There were numerous events involving hackers targeting software supply chains with backdoors for cyber espionage, organisational disruption or demonstrable financial impact
  • Laws in foreign countries, such as those in China and Russia, that can pose an increased intellectual property risk to US companies doing business there.
    The report notes that China’s 2017 cyber-security law mandates that foreign companies submit their technology to the Chinese government for national security reviews; and that Russia has dramatically increased its demand of source code reviews, which are overseen by Russian intelligence, to approve of foreign technology sold in their country
  • Foreign technology firms that are subject to foreign state influence or have links to foreign governments with high-threat intelligence services.

Citing the examples of Kaspersky Lab and Netcracker Technology Corp., the report notes that such companies often provide services that require access to control points of computer networks they support, presenting opportunities for foreign nations to acquire sensitive information.

Office of the Director of US National Intelliegence

You Might Also Read: 

US Spy Chiefs Look For UK Guidance On Cybersecurity:

The US National Security Agency Is On The Ropes:

« Hackers Can Buy Tools To Attack Your Business For $40
Phishing Tools Used To Attack The Power Grid »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

TraceSecurity

TraceSecurity

TraceSecurity, a leading pioneer in cloud-based security solutions, provides IT governance, risk and compliance (GRC) management solutions.

Alliance for Cyber Security

Alliance for Cyber Security

An alliance of all major players in the field of cyber security in Germany with a mission to strengthen Germany’s resistance to cyber-attacks.

BitRaser

BitRaser

BitRaser serves your needs for a managed & certified data erasure solution that can support internal & external corporate audit requirements with traceable reporting.

StationX

StationX

StationX is a leading provider of cyber security training, consultancy and services.

idappcom

idappcom

idappcom provides unique industry approved software solutions for auditing and enhancing the threat recognition and response capabilities of your corporate security defences.

Mako Networks

Mako Networks

The Mako System is an award winning networking and security service designed specifically for SMEs and branch offices of larger organisations.

AKS IT Services

AKS IT Services

AKS IT Services (an ISO 9001:2015 and ISO 27001:2013 certified company) is a leading IT Security Services and Solutions provider.

Matias Consulting Group (MCG)

Matias Consulting Group (MCG)

Your Business needs competitive and resilient ICT solutions. MCG defines, deploy & support them enabling you to focus on your core business.

ResponSight

ResponSight

ResponSight is a data science company focusing specifically on the challenge of measuring risk and identifying changes in enterprise/corporate networks using behavioural analytics.

CloudSphere

CloudSphere

CloudSphere’s flagship Cloud Governance Platform enables enterprises and cloud service providers to simplify and optimize cloud migration, management, and governance.

Cyber Skyline

Cyber Skyline

Cyber Skyline is a revolutionary cloud platform to practice, develop, and measure your team's technical cybersecurity skills.

Packetlabs

Packetlabs

Packetlabs specializes in penetration testing services and application security.

Nostra

Nostra

Nostra are a next generation managed services provider with a constant focus on Security and Business Continuity.

QuantiCor Security

QuantiCor Security

QuantiCor Security is one of the world’s leading developers and manufacturers of quantum computer resistant security solutions for IT infrastructures and the Internet of Things (IoT).

Secure Cyber Defense

Secure Cyber Defense

Secure Cyber Defense provides expert cybersecurity consulting and managed detection and response services to companies, local government, schools and universities.

Circle Security

Circle Security

Circle’s breakthrough security API unifies solutions for identity and data security into one architecture and empowers organizations to secure their identity, data and privacy in their applications.