The Impact Of Economic Espionage

Uploaded on 2018-08-21 in NEWS-Cybersecurity News, INTELLIGENCE--USA, FREE TO VIEW

The US National Counterintelligence and Security Center (NCSC) has released its 2018 Foreign Economic Espionage in Cyberspace report, which highlights current threats and future trends in foreign intelligence efforts to steal US intellectual property, trade secrets, and proprietary information via cyberspace.

“Our goal in releasing this document is simple: to provide US industry and the public with the latest unclassified information on foreign efforts to steal US trade secrets through cyberspace,” said William R. Evanina, Director of the NCSC.

“Building an effective response to this tremendous challenge demands understanding economic espionage as a worldwide, multi-vector threat to the integrity of both the US economy and global trade.”

The report underscores the strategic threat of cyber economic espionage, noting that next generation technologies such as Artificial Intelligence and the Internet-of-Things offer great opportunities, but also introduce new vulnerabilities to US networks for which the cybersecurity community largely remains unprepared.

The report also provides insights into the most pervasive nation-state threat actors, including China, Russia and Iran, and recent examples of their economic espionage activities in the United States through cyberspace.

Despite advances in cybersecurity, the report notes that cyber espionage offers such actors a relatively low-cost, high-yield avenue to obtain a wide spectrum of US intellectual property.

The report also identifies those US industrial sectors and technologies that are of greatest interest to foreign threat actors, including energy, biotechnology, defense, environmental protection, high-end manufacturing, and information and communications technology.

In addition, the report highlights several emerging threats that warrant attention, including:

  • Software supply chain infiltration, which has already threatened the US critical infrastructure and is poised to threaten other sectors. According to the report, 2017 represented a watershed year for public reporting of such incidents.
    There were numerous events involving hackers targeting software supply chains with backdoors for cyber espionage, organisational disruption or demonstrable financial impact
  • Laws in foreign countries, such as those in China and Russia, that can pose an increased intellectual property risk to US companies doing business there.
    The report notes that China’s 2017 cyber-security law mandates that foreign companies submit their technology to the Chinese government for national security reviews; and that Russia has dramatically increased its demand of source code reviews, which are overseen by Russian intelligence, to approve of foreign technology sold in their country
  • Foreign technology firms that are subject to foreign state influence or have links to foreign governments with high-threat intelligence services.

Citing the examples of Kaspersky Lab and Netcracker Technology Corp., the report notes that such companies often provide services that require access to control points of computer networks they support, presenting opportunities for foreign nations to acquire sensitive information.

Office of the Director of US National Intelliegence

You Might Also Read: 

US Spy Chiefs Look For UK Guidance On Cybersecurity:

The US National Security Agency Is On The Ropes:

« Hackers Can Buy Tools To Attack Your Business For $40
Phishing Tools Used To Attack The Power Grid »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

QASymphony

QASymphony

QASymphony software testing and QA tools help companies create better software by improving speed, efficiency and collaboration during the testing lifecycle.

Olfeo

Olfeo

Olfeo is a content filtering software vendor. Our proxy and filtering solution helps our customers to manage, monitor and secure their Internet traffic.

Tata Consultancy Services

Tata Consultancy Services

Tata Consultancy Services is a global leader in IT services, consulting & business solutions including cyber security.

Tigera

Tigera

Tigera provides zero-trust network security and continuous compliance for Kubernetes platforms that enables enterprises to meet their security and compliance requirements.

Real Protect

Real Protect

Real Protect is a Brazilian provider of managed security (MSS) and cyber defense services.

ImmuniWeb

ImmuniWeb

We Simplify, Accelerate and Reduce Costs of Security Testing, Protection and Compliance.

SolidRun

SolidRun

SolidRun is a leading provider of computing and network technology designed to streamline the deployment of edge computing infrastructure and support embedded and IoT markets.

Halogen Group

Halogen Group

Halogen Group is the leading Security Solutions Provider in West Africa. Services encompass Physical Security, Electronic Security, Virtual & Cyber Security, Risk Assessments and Training.

Polestar Industrial IT

Polestar Industrial IT

Polestar work on both sides of the IT & OT divide. Network, Data & Asset Security is our priority. Polestar installations are robust and resilient and comply with the appropriate security.

Hushmesh

Hushmesh

Hushmesh is a start-up aimed at securing the world’s digital infrastructure by developing develop the Mesh, a global information space with automated security built in.

ProvenRun

ProvenRun

ProvenRun is a leading provider of trusted software solutions with extensive expertise and an unwavering commitment to security.

NMi Group

NMi Group

NMi Group is a global pioneer in mission-critical Testing, Inspection, Certification, and Calibration (TICC) services.

Cynch Security

Cynch Security

Cynch Security are passionate about building a world where every business is resilient to cybersecurity risks, no matter what their size.

Sword Group

Sword Group

Sword is a leader in data insights, digital transformation and technology services with a substantial reputation in complex IT, business projects and mission critical operations.

Amiosec

Amiosec

Amiosec is a British cyber innovation business specialising in delivering simple-to-use solutions to the complex problems of the modern world.

Idenhaus Consulting

Idenhaus Consulting

Idenhaus specializes in Cybersecurity and Identity Management (IAM) Consulting.