The Issue of Industrial Espionage - Term Paper Example

Policy response and intelligence changes in United States of America in addressing cyber technology or human espionage threat Introduction Espionage is the practice of spying or using spies to get information about the activities and plans of a foreign government or a competing company1. Many USA corporations have been threatened by industrial espionage in recent past2. Most of these attacks have been internationally sponsored spying on USA high tech firms which operate in international markets. Evidence have emerged that these spying is being sponsored by foreign governments3. The USA government has realized the international threat to its business sector that is being promoted by well educated and aggressive international spy rings4. The US has always found itself lagging behind in measures to counter this international spy rings partly due to budget constraint and partly due to lack of threat recognition corporate structure and necessary management control5. As a consequence corporate America has always found itself reacting to problems after encountering major losses6. United States of America is also facing military espionage from countries such as Russia which are presumed to lack domestic innovation and foreign direct investment. The necessity to combat espionage The survival of corporate America in the new world order of high tech competition depends on combating espionage on US companies by foreign government sponsored spying activities7. The increased research and development costs also call for an immediate action to stop espionage that is costing the country enormous amount of dollars8. The reduced time frame for recovery of research and development expenditures does not ogre well for Americans to allow foreign firms to reap the benefits of US corporate research and development via employment of industrial espionage9. This is a strong indication that some countries which have not been investing in domestic innovation and R&D are likely to turn to military espionage to remain at par with countries which have invested a lot in these sectors10. Of particular concern to US is Russia which has not been investing much in innovation and its lack of foreign direct investment in recent past11. This argument is based on Russia’s extraordinary corruption, historical precedence and very little foreign investment may make it to turn to espionage both industrial and military12. Thus there is need to put in place policies to combat possible military and industrial espionage from such countries13. Recent US intelligence reports indicate that China and Russia have been blamed by US for using cyber espionage to steal US trade and technology secrets in order to bolster their own economic development14. This has been seen to pose a threat to the prosperity and security of US. The availability of enormous data on computers and the difficulty in detection of espionage directed toward such data makes such data to be vulnerable to foreign spies. A report covering the period between 2009 and November 2011 indicate that Russia and China are using their intelligence services, corporations and individuals to steal US technologies. This is an indication that there is more that US needs to do in order to combat technology related and human related espionage on its information. It is not only Russia and China that were accused for funding espionage on US but also several other countries. The intelligence report further indicates that information technology and military technologies are likely to attract foreign sponsored espionage. Of particular interest, the report cites technology used in design and construction of unmanned aerial vehicles in addition to civilian technologies such as healthcare and pharmaceuticals and clean energy technologies15. The stealing of such technologies which have seen US incur enormous amount of dollars and resources to develop poses a threat to development and stability of US economy. Thus there is need to have effective policies in place to counter such a menace. Recent cyber espionage directed to US The most recent case of cyber espionage was unveiled in February 2011 when hackers linked to China were found to have conducted prolonged cyber espionage campaign directed at western energy companies16. However, it could not be confirmed whether these hackers were sponsored by Chinese government or not. Another sophisticated cyber attack whose origins were traced back to China was established in February 2010 and it targeted Google’s corporate infrastructure. It was established that these attacks resulted in stealing of intellectual property and infiltrated email accounts of Chinese human rights activists. Another cyber attack was found out in April 2009 where computer spies infiltrated the pentagon $300 billion Joint Strike Fighter project. Enormous amounts of data were stolen within seconds. The data was related to aircraft design and electronic systems. The origin of the attack was also traced back to china even though it was not established whether Chinese government was behind this espionage. This shows how the problem of cyber espionage is so advanced and needs well structured policies to combat it for both security and economical reasons. Policy response Cybercrime has been recognized to have evolved into a more organized and established transnational business17. States are hiring high technology online skills for the purpose of infiltrating competitors dat. In 2008 it was reported that automated attack tools used by cybercriminals had overwhelmed the methods that were in existence to counter and track internet cyber attacks18. This was seen as a threat to US critical infrastructure and economy. The availability of cybercrime and cyber attack services were said to pose a threat to US national security. When president Obama entered into office in 2009, he commissioned a review of the Comprehensive National Cybersecurity Initiative previous launched by President Bush administration19. The review addressed issues such as information and communication infrastructure; computer network defence; military and intelligence activities; law enforcement investigations; information insurance; counterterrorism; counterintelligence activities; telecommunication activities and other activities essential for protection of critical infrastructure. The review resulted in the Cyberspace Policy review which came up with various recommendations20. It proposed the creation of the cyber security coordinator in the White House; improved partnership with private sector, government and international community; increased cyber security and science education, increased efforts to improve cyber security innovation; and creation of a comprehensive framework to coordinate responses significant cyber incidents. The policy review indicated that private network providers consider their own responsibility to defend their networks and suggested that the government ought to play a role of incentivizing collective action via a combination of regulation or incentives. However, this policy review report was criticized in a January 2011 report on US cyber security. The report argued that no one protects private networks21. It proposed that the government ought to be involved in defending the private networks instead of leaving them to voluntary efforts. The report argued that the free market will not be able to deliver adequate security on time against advanced nation state opponents. Changes in intelligence In the US, the responsibility for cyber security is divided between the Department of Defense (DOD) and the Department of Homeland Security (DHS)22. The distribution of this mandate among two departments was necessitated by the November 2008 breach of DOD networks23. This enabled unnamed intelligence agency to steal critical operational plans without being detected. This breach resulted in Pentagon proclaiming cyberspace a fifth domain of warfare just like sea, land, air and space. This also resulted in integration of US Cyber Command in May 2010 into its cyber defence operations across the military24. This helped to leverage the technical expertise of the Defense Advanced Research Project Agency and the National Security Agency (NSA). The CYBERCOM helps in day to day protection of all defence networks; establishment of a single chain of command that runs up to the president and works with a variety of partners to share threat information and helps in coordinating responses. CYBERCOM only protects dot mil domain. Non military departments’ network protection is carried out by the DHS. The DHS uses the National Cybersecurity and Communication Integration Centre to protect “dot gov” domain25. The DHS protects 17 sectors of US critical infrastructure which includes the defence industrial base, financial systems, transportation networks and water works. The DHS and DOD signed a cyber security pact in September 2010 to enable DHS capitalize on the advanced expertise of DOD26. This also allowed the personnel co-location and joint operational planning element. The effectiveness of the measures The changes in intelligence and cyberspace policies can be said to have greatly improved government related networks27. From the discussion above and the cases cited it is apparent that espionage on government related data networks have not been reported since 2009 when the last espionage was reported before changes were effected in the US intelligence28. However, there are still concerns that opponents could be working hard to come up with sophisticated technologies to attack the government networks. The threat is even evident in the wake of some countries doing little in terms of military research and development. Thus much need to be done to protect the future of cyberspace security in US. In spite much having been done to protect government related data; it seems espionage has increased in the industrial sector29. From the above discussion it is apparent that industrial espionage directed toward US companies has been on the increase in recent past. The policy adopted by Obama administration that private companies need to provide themselves defence against cyber attack has been ineffective given the recent rise in the number of cyber attacks directed toward US companies. What more needs to be done The policy makers and business leaders in US need to bridge the gap that exists between the demands for independent cyber security for commercial companies and the national collective security imperatives to protect its important infrastructure. There is need for enforceable regulations and concrete government incentives in order to avoid scenarios where companies make risk management decisions on the basis of individual self interest. Even though the government has been mum on these issues, the country has lost enormous data that is now being utilized to drive other countries’ economies30. The rapid changes taking place in the cyberspace technologies call for dynamic changes in policy to take place in tandem with the ongoing changes in technology31. There is need to invest more in cyberspace security education and research to be able to address the ever evolving problem of cyberspace insecurity for both critical infrastructure and corporate data for US companies. Studies have indicated that higher education institutions in US have a tradition of openness, entrepreneurialism, and decentralization that is coupled with distributed computing power, electronic data stores, high speed networks and intellectual property. This tradition makes them to be much vulnerable to cyber threats. Thus policies put in place should ensure a balance between protection of data and support for openness in research, collaboration and innovation in higher learning institutions. Inn addition, there is need to involve experts in higher learning institutions in contributing toward technical and policy expertise to the national and international agenda on cyber security. Conclusion Cyberspace espionage is emerging as the most critical issues in today’s world. In spite the benefits of internet, the threats posed by it to both the security and economy of a country are enormous. USA is particularly in great danger of cyberspace espionage. The continuity attacks on critical infrastructure and corporate information are likely to have devastating effect on the economy and security of US. Even though recent changes in the intelligence system has been to some extent been able to address cyberspace threats directed toward military and other government infrastructure, the issue of the industrial espionage has not been adequately been addressed. Even the Obama administration commissioned review of cyberspace policy was not able to address the issue of industrial espionage. The recommendation that individual companies need to protect their own data has been criticized for not being adequate. Thus there is need for collaboration between US companies and the US government to address the issue of cyberspace espionage. The policies need also to evolve continuously in tandem with the evolving cyberspace threat in order to be able to address them effectively and on timely basis. This will assure US citizens of continued national security from its adversaries and continued economic prosperity. Reference Bartholomew, C. Report to Congress of the U. S. -China Economic and Security Review Commission, New York: DIANE Publishing, 2010 Charles J. Dunlap, Jr., Perspectives for Cyber Strategists on Law for Cyberwar, 5. Strategic Studies Quarterly 81-99 (Spring 2011) Ghosh, S. ‘Open Borders, the US Economic Espionage Act of 1996, and the Global Movement of Knowledge and People’. King's Law Journal, vol. 21, no. 1, February 2010, pp. 1-40 Gragido, W. and Pirc, J. Cybercrime and Espionage: An Analysis of Subversive Multivector Threats, Chicago: Elsevier, 2011 Hasheri, H. Economic espionage and industrial spying, Cambridge: Cambridge University Press, 2005 Lewis, J. Cybersecurity Two Years Later. A Report of the CSIS Commission on Cybersecurity for the 44th Presidency. January 2011, viewed on 8 November 2011, http://csis.org/files/publication/110128_Lewis_CybersecurityTwoYearsLater_Web.pdf NCIX Publications. National Counterintelligence Strategy of the United States. Office of the National Counterintelligence Executive. March 2005, viewed 8 November 2011, http://www.ncix.gov/publications/policy/FinalCIStrategyforWebMarch21.pdf O’Hara, G. Cyber-Espionage: A Growing Threat to the American Economy’. Commlaw Conspectus, vol. 19, pp. 241-275. Viewed on 7 November 2011, http://commlaw.cua.edu/res/docs/articles/v19/19-1/11-v19-1-O-Hara-Final.pdf Preub, J., Furnell, S., and Papadaki, M. ‘Considering the potential of criminal profiling to combat hacking’. Journal in Computer Virology, vol. 3, no. 2, 2007, pp. 135-141 Roche, E. Corporate Spy: Industrial Espionage and Counterintelligence in the Multinational Enterprise with Case Studies, London: Barraclough Ltd, 2008 US Department of Defense, US Cyber Command Fact Sheet. May 25, 2010, viewed 8 November 2011, http://www.defense.gov/home/features/2010/0410_cybersec/docs/CYberFactSheet%20UPDATED%20replaces%20May%2021%20Fact%20Sheet.pdf Wilson, C. ‘Botnets, Cybercrime, and Cyberterrorism: Vulnerabilities and Policy Issues for Congress’, CRS Report for Congress, Congressional Research Service, 2008. Read More