COUNTERINTELLIGENCE O F F I C E October 2011 O F T H E N A T I O N A L C O U N T E R I N T E L L I G E N C E E X E C U T I V E Ta b l e o f C o n t e n t s i iii 1 1 1 2 2 3 4 5 5 6 6 6 6 7 8 9 10 10 10 An n e x A An n e x B L i s t o f Te xt Boxes 2 4 L i s t o f C harts 4 6 7 9 i Executive Summary U S Te chnol og i es an d Trad e Secrets at Risk in Cybe r spac e P e r va s i v e Threat from Adversari es and Partners O ut l o o k ii iii Sc o p e N o t e Ne w F o c us an d Ad d i ti on al R es ourc e s Use d for This Year ’s Re por t D e f i n i t i o ns of Key Ter ms legal criteria trade secrets Economic espionage Industrial espionage Cyberspace C o nt r i but ors Foreign Spies Stealing US Economic Secrets in Cyberspace 1 U S Te c h n ologies and Trade Secrets a t R i s k i n Cyberspace T h e A p p e al of Collecting in C y be r s pa c e 2 Non-Cyber Methods of Economic Espio nage Although this assessment focuses on the use of cyber in use. Foreign collectors Foreign Whether 3 Foreign collectors are L a rge but U n certai n Cos ts The Cost of Economic Espionage t o One Co mpa ny 4 Per vasive Threat from Intelligenc e Adv e r s a r ie s a nd Pa r tne r s A P o s s i b l e Proxy Measure of the C o s t s o f Economic Espionage to the U ni t e d S t ates 5 C h i n a : P e rsistent Collector Russia: Extensive, Sophisticated Ope rations c c 6 N e ar Ce r ta intie s U S P a r t ne rs : Lev erag i n g Acces s Outlook 7 8 Military technologies. Marine systems. Clean technologies. 9 technologies. e Agricultural technology. e 10 Hackers for hire P o s s i bl e Gam e Ch an g ers 11 12 Pag e le ft inte ntionally blank An n e x A I n t e l l i g e n ce Community and Private S e c t o r M easures to Counter E c o n o m i c Espionage and Manage C o l l e c t i o n i n C yberspace Defense Model Shows Limits to Ma ndato r y Re por ting Re quire me nts I nt e l l i ge nc e Com m u n i ty R es p on se s year. Cor porate Re sponses espionage. Judicial Mandate for Boards of Directors To Secure Corporate Infor ma tion system or controls or fail to monitor such systems. Best Practices in Data Protection Strategies and Due Diligence for Corporations Information Strategy s$EVELOPAhTRANSPARENCYSTRATEGYvTHATDETERMINESHOWCLOSEDOROPENTHECOMPANYNEEDSTOBEBASEDONTHE services provided. Insider Threat Programs and Awareness s)NSTITUTESECURITYTRAININGANDAWARENESSCAMPAIGNSCONVEYTHREATSTOCOMPANYINFORMATIONACCESSEDTHROUGHPORTABLEDEVICESANDWHENTRAVELINGABROAD s%STABLISHANINSIDERTHREATPROGRAMTHATCONSISTSOFINFORMATIONTECHNOLOGYENABLEDTHREATDETECTIONFOREIGNTRAVELAND CONTACTNOTIlCATIONSPERSONNELSECURITYANDEVALUATIONINSIDERTHREATAWARENESSANDTRAININGANDREPORTING and analysis. s#ONDUCTBACKGROUNDCHECKSTHATVETUSERSBEFOREPROVIDINGTHEMCOMPANYINFORMATION s)MPLEMENTNONDISCLOSUREAGREEMENTSWITHEMPLOYEESANDBUSINESSPARTNERS s%STABLISHEMPLOYEEEXITPROCEDURESMOSTEMPLOYEESWHOSTEALINTELLECTUALPROPERTYCOMMITTHETHEFTWITHINONEMONTH of resignation. Effective Data Management s'ETAHANDLEONCOMPANYDATANOTJUSTINDATABASESBUTALSOINEMAILMESSAGESONINDIVIDUALCOMPUTERSANDAS DATAOBJECTSINWEBPORTALSCATEGORIZEANDCLASSIFYTHEDATAANDCHOOSETHEMOSTAPPROPRIATESETOFCONTROLSAND MARKINGSFOREACHCLASSOFDATAIDENTIFYWHICHDATASHOULDBEKEPTANDFORHOWLONG5NDERSTANDTHATITISIMPOSSIBLE to protect everything. s%STABLISHCOMPARTMENTALIZEDACCESSPROGRAMSTOPROTECTUNIQUETRADESECRETSANDPROPRIETARYINFORMATIONCENTRALIZE INTELLECTUALPROPERTYDATAWHICHWILLMAKEFORBETTERSECURITYANDFACILITATEINFORMATIONSHARING s2ESTRICTDISTRIBUTIONOFSENSITIVEDATAESTABLISHASHAREDDATAINFRASTRUCTURETOREDUCETHEQUANTITYOFDATAHELDBYTHE ORGANIZATIONANDDISCOURAGEUNNECESSARYPRINTINGANDREPRODUCTION Network Security, Auditing, and Monitoring s#ONDUCTREALTIMEMONITORINGAUDITINGOFTHENETWORKSMAINTAINTHOROUGHRECORDSOFWHOISACCESSINGSERVERS ANDMODIFYINGCOPYINGDELETINGORDOWNLOADINGlLES s)NSTALLSOFTWARETOOLSCONTENTMANAGEMENTDATALOSSPREVENTIONNETWORKFORENSICSONINDIVIDUALCOMPUTER WORKSTATIONSTOPROTECTlLES s%NCRYPTDATAONSERVERSANDPASSWORDPROTECTCOMPANYINFORMATION s)NCORPORATEMULTIFACTORAUTHENTICATIONMEASURESBIOMETRICS0).SANDPASSWORDSCOMBINEDWITHKNOWLEDGEBASED QUESTIONSTOHELPVERIFYUSERSOFINFORMATIONANDCOMPUTERSYSTEMS s#REATEAFORMALCORPORATEPOLICYFORMOBILITYDEVELOPMEASURESFORCENTRALLYCONTROLLINGANDMONITORINGWHICH DEVICESCANBEATTACHEDTOCORPORATENETWORKSANDSYSTEMSANDWHATDATACANBEDOWNLOADEDUPLOADEDAND stored on them. s&ORMALIZEASOCIALMEDIAPOLICYFORTHECOMPANYANDIMPLEMENTSTRATEGIESFORMINIMIZINGDATALOSSFROMONLINE SOCIALNETWORKING Contingency Planning s%STABLISHACONTINUITYOFOPERATIONSPLANBACKUPDATAANDSYSTEMSCREATEDISASTERRECOVERYPLANSANDPLAN for data breach contingencies. s#ONDUCTREGULARPENETRATIONTESTINGOFCOMPANYINFRASTRUCTUREASWELLASOFTHIRDPARTYSHAREDSERVICE provider systems. s%STABLISHDOCUMENTCREATIONRETENTIONANDDESTRUCTIONPOLICIES Resources for Help s#ONTACT/.#)8ORTHE&")FORASSISTANCEINDEVELOPINGEFFECTIVEDATAPROTECTIONSTRATEGIES)FADATABREACHIS SUSPECTEDCONTACTTHE&")OROTHERLAWENFORCEMENTORGANIZATIONSFORHELPINIDENTIFYINGANDNEUTRALIZINGTHETHREAT Pag e le ft inte ntionally blank An n e x B We s t a n d East Accuse China and R u s s i a o f Econom i c Espi onage technology. malfeasance against China. F ra n c e ’s Renault Affair Highlights Te n d e n cy to B l am e Ch i n a Countries Suspect Each Other of Committing Ec o nomic Espionage C h i n a ’s R esponse to Allegations of Ec o no m i c E s p i on ag e perpetrators of economic espionage “among Corporate Leaders Speak Out on Chine se Espionage Chinese espionage as a threat to their companies. G e r m a n E spionage Legislation Has L i m i t e d R e s u l ts through cyberspace. Pag e le ft inte ntionally blank
© Copyright 2024