How Secure Is Your Data – What About China?
The big companies have had their share of horror stories with credit card theft this year, but are you and your customers watching the trends in Espionage? Earlier this month I interviewed a couple of former NSA agents to give technology providers some insights into cybercrime trends and a war we are all involved in. Summer Worden, one of my guests on the SVLC Insider’s Circle Program talked about Russian and China, revealing some of the hidden agendas and what to expect in the future. Much of this is driven by Economics according to Worden. China’s economy needs more innovation, and what better way to get it than to take it from the United States?
Espionage Is Hitting Businesses Right Now
This week in the Wall Street Journal, FRANK J. CILLUFFO AND SHARON L. CARDASH gave us more on this. Here’s a sound bite that should shock us; “The FBI reports a significant spike in its number of economic espionage cases: a 53% increase just this past year.” Where is this coming from and what’s driving it?
According to the article, “Randall Coleman, the head of the FBI’s counterintelligence division, told the Wall Street Journal in July that much of the suspicious activity is performed by Chinese companies against U.S. firms and that the Chinese government plays “a significant role” in the attempted theft of trade secrets.” Espionage, as pictured in movies is generally dealing with government data – like the recent OPM hack I wrote on a few weeks ago. But this is about business. These are companies, targeting companies that have new ideas, strategies, and innovations that the competition in China will benefit from.
In Kevin Mitnick’s book, The Art of Deception, he shares the tale of a businessman entering a small business responsible for developing high tech manufacturing equipment. The man approaches the front desk asking to see the president of the company. The receptionist informs him that the president is out of the country and unavailable. At that point the businessman begins to fumble through his planner, double checking his meeting. He’s flown in from out of town, and is supposed to be meeting the president to discuss a joint venture. There must be a mistake!
In a last ditch effort, he asks if the development team is in – perhaps he can take them out to lunch to review the plan he and the president have come up with. They agree, and into the development area he goes. They spend several hours discussing the latest drawings and plans – the company’s latest top secret innovations. The businessman takes a few pictures, and heads out, promising to reconnect next week when the president returns.
You probably guessed – but when the president returns, and the team reviews their recent meeting, the president has no idea who they are talking about. This is a case of economic espionage, and chances are the business guy is now back in his own lab building a “Copy-Cat” product with only a few months of R&D vs. the decade the first company spent developing these ideas.
No Need to Go Onsite
Like your evolving managed services program (if you are an MSP), you no longer have to go onsite to do your work…the same is true when it comes to stealing company secrets. As the WSJ article states, “If you place yourself in the shoes of those playing economic catch-up, why invest millions in R&D if you can simply steal it at a fraction of the cost, especially with just a few clicks of a mouse?”. Now that everything is connected and online, stealing information is simple.
Cilluffo and Cardash rightly point at that, “The theft of intellectual property and trade secrets destroys jobs in this country, and undermines the nation’s economic competitiveness by striking at the heart of U.S. innovation.” And in this case, nation states are behind these acts of war! Years ago I read in another WSJ article, “This is a slow sifting of the American Economy,…and because it lacks the alarming explosions and bodybags, no one is really paying attention.” At some point we will find our bank accounts empty, and our businesses collapsed.
No One Is Claiming Responsibility, But Who’s Investigating This?
Terrorists claim responsibility when they blow things up. They want us to be afraid. In a war, the opposing country generally announces their demands and threats of invasion. In this case, the thief is not interested in being known – they have no demands. They are looking for a competitive advantage. It’s to their benefit that no one know what they are up to. If they can silently get away with strategic information, they can recreate a product in their own lab, with a fraction of the required investments in time and money. With their copy-cat product in hand, they are now able to sell it at a fraction of the cost. Recovering their investment is easy – they didn’t spend their own money on this invention.
What to Do About It
In the WSJ Article, the writers tell us, “Recent reporting suggests that the Administration is striving to craft an innovative and calibrated response to the OPM hack in light of its scale. This is a significant development in the ongoing match of Spy vs. Spy on steroids. An equally compelling answer is needed to China’s economic espionage against the United States. Time is money in this context — but more importantly, it is national security.”
It’s true, our government needs to get on this. In a recent Presidential speech I heard Obama say that our greatest threat right now is environmental…I have to respectfully disagree. Without a doubt, I believe it’s cybercrime – Hacktivists, Nation States, and Cybercriminals. All three are attacking everything from your personal data, to company innovation, to our nation’s intelligence. As a technology provider I want to encourage you to start educating your clients – everything must be secure, and it can’t wait for the next budget cycle or a government mandate. Like a doctor sharing the diagnosis of cancer with a patient, it’s up to us to convince them to begin treatment. This is not about insurance, it’s about preservation.
“Those who say they have it covered are either ignorant or lying to you.” – A quote from my most recent book, The House & The Cloud 2nd Edition.
© 2015, David Stelzl
P.S. If you want more on how to convince your customers they need better security, this book explains how to do it…(click to see it on Amazon.com).