Nation States' Espionage and Counterespionage

An overview of the 2007 Global Economic Espionage Landscape

1 2 3 4 Page 3
Page 3 of 4

It was, therefore, surprising to the NIS when in mid-November 2007, it uncovered activities inside Korea by two executives of an indigenous firm that stole key technologies from another indigenous firm. The two were indicted, and the value of the intellectual property was placed at 1.7 trillion won (approximately $1.7 billion USD).

The investigation showed that the two executives had previously worked at the victim's firm for more than 20 years and stole the technology by downloading the data onto USB drives. The duo then took the accumulated data with them when they were hired by their current employer.

Zimbabwe's Mugabe: Don't forget us

Zimbabwe's president, Robert Mugabe, announced the establishment of the "Robert Mugabe School of Intelligence" near Harare during a speech on the role of intelligence in Zimbabwe that occurred in late October 2007. The multi-billion-dollar school will offer degrees and diplomas in security and intelligence studies. Mugabe noted that the school was complying with international best practices, saying, "Japan and Switzerland have industrial espionage schools to train businessman in the art of economic intelligence gathering." Mugabe hit the nail on the head when he noted that intelligence gives a national competitive advantage, not only in intelligence analysis but also in the art of espionage, which has become a scope of industrial development. Fair warning: The school is expected to open its doors in 18 months (Feb/Mar 2009).

Iran: Something's squirrelly here

In early July 2007, Iranian counterintelligence services captured 14 squirrels, carrying "foreign spy-gear" as they attempted to infiltrate Iran, according to the state-sponsored Islamic Republic News Agency (IRNA). No other details have been released on this incident, including who may have been the sponsor of the rodent infiltration attempt, other than to note Iran has stepped up its anti-espionage efforts against the West.

China's consistent voice: It's not us

In July 2007, the Chinese government expressed indignation at the FBI's placement of classified advertisements in a variety of Chinese-language press, soliciting assistance from the Chinese-speaking community, "Chinese living here have often helped the FBI prevent subversive elements from penetrating and harming our country. In order to protect our freedoms and democracy, we continue to seek your assistance. We especially welcome anyone who has information about the Chinese [government] or State Security."

Foreign ministry spokesman Qin Gang was noted as insisting that China's national security authorities would never violate the sovereignty or territorial integrity of another nation. Qin, dismissed the ad with, "A handful of people in the United States are acting against the trend of the times and cling to a Cold War mentality, attempting to stain China's image."

In September 2007, in response to the revelations of the June 2007 successful PLA attack on the U.S. Department of Defense, including the defense secretary's office, the Chinese Foreign Ministry rejected the accusations, labeling them "groundless." Foreign Ministry spokesman Jiang Yu noted, "The Chinese government has always opposed any Internet-wrecking crime, including hacking, and cracked down on it according to the law."

Also in September 2007, Lou Qinjian, vice minister of Information Industry, claimed that China was the victim, not the aggressor, and suggested that China had sustained more cyber-espionage than western nations, to include "massive" and "shocking losses of state secrets via the Internet."

In mid-November 2007, an annual report from the U.S.-China Economic Security Review Commission found that China poses a significant espionage threat to the U.S. and U.S. industries, resulting in a plethora of denials from China. The Chinese Foreign Ministry stated, "Concerning the issue of the so-called Chinese economic espionage in the United States, we have many times solemnly stated that China has never endangered the interests of another nation. We stand on the principle of mutual benefit based on fairness, justice and equality in undertaking cooperation in every area with other nations."

In late November 2007, Chinese Premier Wen Jiabao, speaking to the attendees of the China-EU Business Summit, said, "Protecting the intellectual property rights is not only necessitated by China's opening up, but also by a domestic drive for encouraging innovation and scientific development." It is worthy of approbation to note that since 1985, when the first patent law was created through today, China has put in place a comprehensive intellectual property rights legal framework. And there is no denying that the level of enforcement has increased year over year since 1985, but whether or not it is at appropriate levels is dependent upon one's perspective. Suffice it to say, there is ample room for continued improvement.

U.S. intellectual property under siege

The U.S. Defense Security Service, the entity with the counterintelligence oversight for corporate America's engagement with the Department of Defense, said in its most recent counterintelligence study that more than 100 countries were active in and engaged in attempts to acquire intellectual property from U.S. entities.

In mid-November 2007, the U.S. Department of Justice (DOJ) compiled and released a fact sheet ("Major U.S. Export Enforcement Actions in the Past Year") that summarized the 33 major cases (October 2006-October 2007) and prosecutions of illegal export of U.S. technologies (including those acquired through espionage activities) during the previous year. Interestingly, the number of countries identified totaled 10, with Iran and China each responsible for approximately a third of the cases. Equally interesting is how none of the cases involving Iran were characterized as espionage. Of the four cases identified as "espionage," all four cases identified China as the nation-state sponsor. Remarkably, Russia is conspicuous in its absence.

Mid-November also saw the release of the United States-China Economic Security Review Commission's report to Congress.

In September 2007, the Financial Times reported that in June 2007, the U.S. Department of Defense had been victimized by the most successful cyber attack in history and that the attack was conducted by the Chinese People's Liberation Army.

In July 2007, the Federal Bureau of Investigation's (FBI) director Robert S. Mueller, in testimony before the House Judiciary Committee in response to the committee's inquiry into Chinese activities in the U.S., characterized the threat by saying, "There is substantial concern China is stealing our secrets in an effort to leap ahead in terms of its military technology, but also the economic capability of China. It is a substantial threat that we are addressing in the sense of building our program to address this threat.

Also in July 2007, Thomas Mahlik, the chief of the FBI Domain program, was quoted in a USA Today article as saying the risk was within the enterprise. (Domain is the FBI's defensive counterintelligence program whose stated challenge is "to protect the U.S.'s sensitive information, technologies and thereby competitiveness in an age of globalization.") Mahlik said, "Our message is: There's risk here. You could be giving away the future. The threat's in-house." The article goes on to note that the FBI was pursuing 143 economic espionage cases, compared with 122 in 2006.

In the same article, Joel Brenner, the U.S. national counterintelligence executive, commented on the current state of affairs by saying, "The days when everything that was worth stealing, every secret that was worth stealing in the United States, was a government secret those days are long done. Much of what makes the country tick, much of our strategic advantage in the world, is economic."

Further evidence of China's activities in the U.S. comes in the form of the arrests, indictments and/or convictions of espionage and intellectual property theft that have occurred in the past 12 months. Consider the following:

  • In October 2007, U.S. citizen Lee Lan and Chinese national Ge Yuefei allegedly stole chip designs from their employer, Netlogic Microsystems, and other sensitive documents from the Silicon Valley office of Taiwan chip maker TSMC. The two have been charged with trade secret theft, conspiracy and two counts of economic espionage. According to the indictment, the duo were to sell their designs to the Chinese PLA's General Arms Department and the 863 Program, a military-led R&D entity.
  • In August 2007, Xiaodong Sheldon Meng, a Chinese national with Canadian citizenship, pled guilty in San Jose federal court to one count of economic espionage for trying to sell stolen software to China's Navy Research Center, and one count of violating U.S. arms control regulations for illegally exporting software used to train military fighter pilots.
  • In December 2006, Fei Ye and Ming Zhong received guilty verdicts for having stolen microchip blueprints from four different companies (Transmeta Corporation (Transmeta), Sun Microsystems, Inc. (Sun), NEC Electronics Corporation (NEC) and Trident Microsystems, Inc. (Trident) in Silicon Valley, and sharing the aforementioned 863 Program.

The U.S. government has also made some recommendations on how to defend against the loss of intellectual property. Among these were these findings of the US-China Economic and Security Review Commission:

  • "Ensuring adequate support for U.S. export control enforcement and counterintelligence efforts: In order to slow or stop the outflow of protected U.S. technologies and manufacturing expertise to China, the Commission recommends that Congress assess the adequacy of and, if needed, provide additional funding for U.S. export control enforcement and counterintelligence efforts, specifically those tasked with detecting and preventing illicit technology transfers to China and Chinese state-sponsored industrial espionage operations."
  • "Ensuring adequate support for protecting critical American computer networks and data: The Commission recommends that Congress assess the adequacy of and, if needed, provide additional funding for military, intelligence, and homeland security programs that monitor and protect critical American computer networks and sensitive information, specifically those tasked with protecting networks from damage caused by cyber attacks."
  • "Addressing weaknesses in U.S. intelligence capabilities focused on China's military: The Commission recommends that Congress instruct the director of national intelligence to conduct a full assessment of U.S. intelligence capabilities vis-à-vis the military of the People's Republic of China, and identify strategies for addressing any U.S. weaknesses that may be discovered as part of the assessment."
  • "Assessing potential Chinese military applications of R&D conducted in China by U.S. companies: The Commission recommends that Congress direct the U.S. Department of Defense to evaluate, and, in its Annual Report to Congress on the Military Power of the People's Republic of China, to report on, potential Chinese military applications of R&D conducted in China by U.S. companies."

These findings are based on the commission's understanding of how China has developed a growing reliance on industrial espionage. The report notes, "China continues to supplement its acquisition of new technologies from commercial transfers and direct production partnerships with a large-scale industrial espionage campaign." The commission also notes, "Chinese espionage against the U.S. military and American business continues to outpace the overwhelmed U.S. counterintelligence community. Critical American secrets and proprietary technologies are being transferred to the PLA and Chinese state-owned companies."

Defending U.S. Intellectual Property: In September 2007, Mahlik, said, "In the past, we've always been reactive to this type of scenario [espionage] and essentially showed up after the fact to bring resources to bear on this type of crime, but we want to be more proactive to help businesses and academic institutions protect themselves before an incident occurs."

The FBI's Domain program includes:

1 2 3 4 Page 3
Page 3 of 4
7 hot cybersecurity trends (and 2 going cold)