Report to Congress on Foreign Economic Collection and

Office of the National Counterintelligence Executive
October 2011
Executive Summary
US Technologies and Trade Secrets at Risk in Cyberspace
Pervasive Threat from Adversaries and Partners
Outlook
Scope Note
New Focus and Additional Resources Used for This Year’s Report
Definitions of Key Terms
legal criteria
trade secrets
Economic espionage
Industrial espionage
Cyberspace
Contributors
Foreign Spies Stealing US Economic Secrets in Cyberspace
US Technologies and Trade Secrets at Risk in Cyberspace
The Appeal of Collecting in Cyberspace
Non-Cyber Methods of Economic Espionage
Although this assessment focuses on the use of cyber
in use.
Foreign collectors
Foreign
Whether
Foreign collectors are
Large but Uncertain Costs
The Cost of Economic Espionage to One Company
Pervasive Threat from Intelligence Adversaries and Partners
A Possible Proxy Measure of the Costs of Economic Espionage to the United States
China: Persistent Collector
Russia: Extensive, Sophisticated Operations
Near Certainties
US Partners: Leveraging Access
Outlook
Military technologies.
Marine systems.
Clean technologies.
technologies.
Agricultural technology.
Hackers for hire
Possible Game Changers
Annex A
Intelligence Community and Private Sector Measures to Counter Economic Espionage and Manage Collection in Cyberspace
Defense Model Shows Limits to Mandatory Reporting Requirements
Intelligence Community Responses
year.
Corporate Responses
espionage.
Judicial Mandate for Boards of Directors To Secure Corporate Information
system or controls or fail to monitor such systems.
Best Practices in Data Protection Strategies and Due Diligence for Corporations
Information Strategy
• Develop a “transparency strategy” that determines how closed or open the company needs to be based on the services provided.
Insider Threat Programs and Awareness
• Institute security training and awareness campaigns; convey threats to company information accessed through portable devices and when traveling abroad.
• Establish an insider threat program that consists of information technology-enabled threat detection, foreign travel and contact notifications, personnel security and evaluation, insider threat awareness and training, and reporting and analysis.
• Conduct background checks that vet users before providing them company information.
• Implement nondisclosure agreements with employees and business partners.
• Establish employee exit procedures; most employees who steal intellectual property commit the theft within one month of resignation.
Effective Data Management
• Get a handle on company data, not just in databases but also in e-mail messages, on individual computers, and as data objects in web portals; categorize and classify the data, and choose the most appropriate set of controls and markings for each class of data; identify which data should be kept and for how long. Understand that it is impossible to protect everything.
• Establish compartmentalized access programs to protect unique trade secrets and proprietary information; centralize intellectual property data, which will make for better security and facilitate information sharing.
• Restrict distribution of sensitive data; establish a shared data infrastructure to reduce the quantity of data held by the organization and discourage unnecessary printing and reproduction.
Network Security, Auditing, and Monitoring
• Conduct real-time monitoring/auditing of the networks; maintain thorough records of who is accessing servers and modifying, copying, deleting, or downloading files.
• Install software tools (content management, data loss prevention, network forensics) on individual computer workstations to protect files.
• Encrypt data on servers and password-protect company information.
• Incorporate multifactor authentication measures (biometrics, PINs, and passwords combined with knowledge-based questions) to help verify users of information and computer systems.
• Create a formal corporate policy for mobility: develop measures for centrally controlling and monitoring which devices can be attached to corporate networks and systems and what data can be downloaded, uploaded, and stored on them.
• Formalize a social media policy for the company and implement strategies for minimizing data loss from online social networking.
Contingency Planning
• Establish a continuity of operations plan: back up data and systems, create disaster recovery plans, and plan for data breach contingencies.
• Conduct regular penetration testing of company infrastructure as well as of third-party shared service provider systems.
• Establish document creation, retention, and destruction policies.
Resources for Help
• Contact ONCIX or the FBI for assistance in developing effective data protection strategies. If a data breach is suspected, contact the FBI or other law enforcement organizations for help in identifying and neutralizing the threat.
Annex B
West and East Accuse China and Russia of Economic Espionage
technology.
malfeasance against China.
France’s Renault Affair Highlights Tendency to Blame China
Countries Suspect Each Other of Committing Economic Espionage
China’s Response to Allegations of Economic Espionage
perpetrators of economic espionage “among
Corporate Leaders Speak Out on Chinese Espionage
Chinese espionage as a threat to their companies.
German Espionage Legislation Has Limited Results
through cyberspace.