The Impact Of Economic Espionage

Uploaded on 2018-08-21 in NEWS-Cybersecurity News, INTELLIGENCE--USA, FREE TO VIEW

The US National Counterintelligence and Security Center (NCSC) has released its 2018 Foreign Economic Espionage in Cyberspace report, which highlights current threats and future trends in foreign intelligence efforts to steal US intellectual property, trade secrets, and proprietary information via cyberspace.

“Our goal in releasing this document is simple: to provide US industry and the public with the latest unclassified information on foreign efforts to steal US trade secrets through cyberspace,” said William R. Evanina, Director of the NCSC.

“Building an effective response to this tremendous challenge demands understanding economic espionage as a worldwide, multi-vector threat to the integrity of both the US economy and global trade.”

The report underscores the strategic threat of cyber economic espionage, noting that next generation technologies such as Artificial Intelligence and the Internet-of-Things offer great opportunities, but also introduce new vulnerabilities to US networks for which the cybersecurity community largely remains unprepared.

The report also provides insights into the most pervasive nation-state threat actors, including China, Russia and Iran, and recent examples of their economic espionage activities in the United States through cyberspace.

Despite advances in cybersecurity, the report notes that cyber espionage offers such actors a relatively low-cost, high-yield avenue to obtain a wide spectrum of US intellectual property.

The report also identifies those US industrial sectors and technologies that are of greatest interest to foreign threat actors, including energy, biotechnology, defense, environmental protection, high-end manufacturing, and information and communications technology.

In addition, the report highlights several emerging threats that warrant attention, including:

  • Software supply chain infiltration, which has already threatened the US critical infrastructure and is poised to threaten other sectors. According to the report, 2017 represented a watershed year for public reporting of such incidents.
    There were numerous events involving hackers targeting software supply chains with backdoors for cyber espionage, organisational disruption or demonstrable financial impact
  • Laws in foreign countries, such as those in China and Russia, that can pose an increased intellectual property risk to US companies doing business there.
    The report notes that China’s 2017 cyber-security law mandates that foreign companies submit their technology to the Chinese government for national security reviews; and that Russia has dramatically increased its demand of source code reviews, which are overseen by Russian intelligence, to approve of foreign technology sold in their country
  • Foreign technology firms that are subject to foreign state influence or have links to foreign governments with high-threat intelligence services.

Citing the examples of Kaspersky Lab and Netcracker Technology Corp., the report notes that such companies often provide services that require access to control points of computer networks they support, presenting opportunities for foreign nations to acquire sensitive information.

Office of the Director of US National Intelliegence

You Might Also Read: 

US Spy Chiefs Look For UK Guidance On Cybersecurity:

The US National Security Agency Is On The Ropes:

« Hackers Can Buy Tools To Attack Your Business For $40
Phishing Tools Used To Attack The Power Grid »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Verisec International

Verisec International

Verisec International AB is a Swedish Tech company focused since inception in enabling Trust in Digital Transactions, through the development of proprietary cutting-edge technologies and services.

SiteLock

SiteLock

SiteLock is a global leader in website security solutions. We provide affordable, cybersecurity software solutions designed to allow small to midsize businesses to operate without fear of an attack.

National Cyber Security Directorate (DNSC) - Romania

National Cyber Security Directorate (DNSC) - Romania

DNSC (formerly CERT-RO) is the Romanian national cyber security and incident response team.

Karlsruhe Institute of Technology (KIT)

Karlsruhe Institute of Technology (KIT)

KIT is a leading research and education institutions with strong capabilities in information systems and security.

Uleska

Uleska

Uleska is a scalable platform that provides automated and continuous software security testing whilst translating cyber risk.

Ntirety

Ntirety

Ntirety Managed Security Services offer enterprise businesses the advanced tools, processes, and support to ensure your infrastructure, networks, and mission-critical applications are secure.

CyberKnight Technologies

CyberKnight Technologies

CyberKnight Technologies is a cybersecurity focused value-added-distributor (VAD) headquartered in Dubai and covering the Middle East.

DataPassports

DataPassports

DataPassports is a data-centric security and privacy solution that enforces privacy and security from end-to-end with transparent protection of data at the source.

HighPoint

HighPoint

HighPoint is a leading technology infrastructure solutions provider offering consultancy, solutions and managed services for network infrastructure and cybersecurity.

Berezha Security Group (BSG)

Berezha Security Group (BSG)

BSG is a cybersecurity consulting firm specializing in all aspects of application security and penetration testing.

Securosys

Securosys

Securosys is a technology company dedicated to securing data and communications. We develop, produce, and distribute hardware, software and services that protect and verify data and their transmission

Mitiga

Mitiga

Mitiga uniquily combines the top cybersecurity minds in Incident Readiness and Response with a cloud-based platform for cloud and hybrid environments.

Strike Security

Strike Security

Strike Security offers a continuous penetration testing platform that combines automation with ethical hackers.

Conceal

Conceal

Conceal’s mission is to stop ransomware and credential theft for companies of all sizes by developing innovative solutions that provide social engineering protection in any browser.

Tenchi Security

Tenchi Security

Tenchi Security are specialized in Third-Party Cyber Risk Management (TPCRM) and aim to reduce information asymmetry when it comes to third and Nth-Party security and compliance risk management.

AUCyber

AUCyber

AUCyber is a leading provider of managed cyber security solutions and consultancy services, specialising in supporting Australian organisations and Government agencies.