Origins of industrial espionage
Economic and industrial espionage has a long history. The work of Father Francois Xavier d'Entrecolles in Jingdezhen, China to reveal to Europe the manufacturing methods ofChinese porcelain in 1712 is sometimes considered an early case of industrial espionage.
Historical accounts have been written of industrial espionage between Britain and France. Attributed to Britain's emergence as an 'industrial creditor,' the second decade of the 18th century saw the emergence of a large-scale state-sponsored effort to surreptitiously take British industrial technology to France. Witnesses confirmed both the inveigling of tradespersons abroad and the placing of apprentices in England. Protests by those such as iron workers in Sheffield and steel workers inNewcastle,[clarification needed] about skilled industrial workers being enticed abroad, led to the first English legislation aimed at preventing this method of economic and industrial espionage.
During the Cold War
With Western restrictions on the export of items thought likely to increase military capabilities to the USSR, Soviet industrial espionage was a well known adjunct to other spying activities up until the 1980s. BYTE reported in April 1984, for example, that although the Soviets sought to develop their own microelectronics, their technology appeared to be several years behind the West's. Soviet CPUs required multiple chips and appeared to be close or exact copies of American products such as the Intel 3000 and DEC LSI-11/2.
Some of these activities were directed via the East German Stasi (Ministry for State Security). One such operation, known as "Operation Brunnhilde" operated from the mid-1950s until early 1966 and made use of spies from many Communist Bloccountries. Through at least 20 forays, many western European industrial secrets were compromised. One member of the "Brunnhilde" ring was a Swiss chemical engineer called Dr Jean Paul Soupert, also known as 'Air Bubble,' living in Brussels. He was described by Peter Wright in Spycatcher as having been 'doubled' by the Belgian Sûreté de l'État. He revealed information about industrial espionage conducted by the ring, including the fact that Russian agents had obtained details ofConcorde's advanced electronics system. He testified against two Kodak employees, living and working in Britain, during a trial in which they were accused of passing information on industrial processes to him, though they were eventually acquitted.
Soviet spetsinformatsiya system
A secret report from the Military-Industrial Commission of the USSR (VPK), from 1979–80, detailed how spetsinformatsiya(Russian: специнформация i.e. "special records") could be utilised in twelve different military industrial areas. Writing in theBulletin of the Atomic Scientists, Philip Hanson detailed a spetsinformatsiya system in which 12 industrial branch ministries formulated requests for information to aid technological development in their military programs. Acquisition plans were described as operating on 2 year and 5 year cycles with about 3000 tasks under way each year. Efforts were aimed at civilian as well as military industrial targets, such as in the petrochemical industries. Some information was garnered so as to compare levels of competitor to Soviet technological advancement. Much unclassified information was also gathered, blurring the boundary with 'competitive intelligence'.
The Soviet military was recognised as making much better use of acquired information, compared to civilian industry, where their record in replicating and developing industrial technology was poor.
The legacy of Cold War espionage
Following the demise of the Soviet Union and the end of the 'Cold War,' commentators, including the US CongressionalIntelligence Committee, noted a redirection amongst the espionage community from military to industrial targets, with Western and former communist countries making use of 'underemployed' spies and expanding programs directed at stealing such information.
The legacy of 'Cold War' spying included not just the redirection of personnel but the use of spying apparatus such as computer databases, scanners for eavesdropping, spy satellites, bugs and wires.
France and the United States
Between 1987 and 1989, IBM and Texas Instruments were thought to have been targeted by French spies with the intention of helping France's Groupe Bull. In 1993, US aerospace companies were also thought to have been targeted by French interests. During the early 1990s, France was described as one of the most aggressive pursuers of espionage to garner foreign industrial and technological secrets. France accused the U.S. of attempting to sabotage its high tech industrial base. The government of France has been alleged to have conducted ongoing industrial espionage against American aerodynamics and satellite companies.
In 1993, car manufacturer Opel, the German division of General Motors, accused Volkswagen of industrial espionage after Opel's chief of production, Jose Ignacio Lopez, and seven other executives moved to Volkswagen. Volkswagen subsequently threatened to sue for defamation, resulting in a four-year legal battle. The case, which was finally settled in 1997, resulted in one of the largest settlements in the history of industrial espionage, with Volkswagen agreeing to pay General Motors $100 million and to buy at least $1 billion of car parts from the company over 7 years, although it did not explicitly apologize for Lopez's behavior.
Hilton and Starwood
In April 2009 the US based hospitality company Starwood accused its rival Hilton of a "massive" case of industrial espionage. After being purchased by private equity group Blackstone, Hilton employed 10 managers and executives from Starwood. Under intense pressure to improve profits,[clarification needed] Starwood accused Hilton of stealing corporate information relating to its luxury brand concepts, used in setting up its own Denizen hotels. Specifically, former head of itsluxury brands group, Ron Klein, was accused of downloading "truckloads of documents" from a laptop to his personal email account.
GhostNet was a 'vast surveillance system' reported by Canadian researchers based at the University of Toronto in March 2009. Using targeted emails it compromised thousands of computers in governmental organisations, enabling attackers to scan for information and transfer this back to a 'digital storage facility in China'.
Google and Operation Aurora
On January 13, 2010, Google Inc. announced that operators, from within China, had hacked into their Google China operation, stealing intellectual property and, in particular, accessing the email accounts of human rights activists. The attack was thought to have been part of a more widespread cyber attack on companies within China which has become known as Operation Aurora. Intruders were thought to have launched a zero-day attack, exploiting a weakness in theMicrosoft Internet Explorer browser, the malware used being a modification of the trojan Hydraq. Concerned about the possibility of hackers taking advantage of this previously unknown weakness in Internet Explorer, the Governments of Germany and, subsequently France, issued warnings not to use the browser.
There was speculation that 'insiders' had been involved in the attack, with some Google China employees being denied access to the company's internal networks after the company's announcement. In February 2010, computer experts from the U.S. National Security Agency claimed that the attacks on Google probably originated from two Chinese universities associated with expertise in computer science, Shanghai Jiao Tong University and the Shandong Lanxiang Vocational School, the latter having close links to the Chinese military.
Google claimed at least 20 other companies had also been targeted in the cyber attack, said by the London Times, to have been part of an 'ambitious and sophisticated attempt to steal secrets from unwitting corporate victims' including 'defence contractors, finance and technology companies'. Rather than being the work of individuals or organised criminals, the level of sophistication of the attack was thought to have been 'more typical of a nation state'. Some commentators speculated as to whether the attack was part of what is thought to be a concerted Chinese industrial espionage operation aimed at getting 'high-tech information to jump-start China’s economy'. Critics pointed to what was alleged to be a lax attitude to the intellectual property of foreign businesses in China, letting them operate but then seeking to copy or reverse engineer their technology for the benefit of Chinese 'national champions'. In Google's case, they may have (also) been concerned about the possible misappropriation of source code or other technology for the benefit of Chinese rival Baidu. In March 2010 Google subsequently decided to cease offering censored results in China, leading to the closing of its Chinese operation.
CyberSitter and 'Green Dam'
The US based firm CyberSitter announced in January 2010 that it was suing the Chinese government, and other US companies, for stealing its anti pornography software, with the accusation that it had been incorporated into China's Green Dam program, used by the state to censor Chinese citizens' internet access. CyberSitter accused Green Dam creators as having copied around 3000 lines of code. They were described as having done 'a sloppy job of copying,' with some lines of the copied code continuing to direct people to the CyberSitter website. The attorney acting for CyberSitter maintained "I don't think I have ever seen such clear-cut stealing".
USA v. Lan Lee, et al
The United States charged two former NetLogic Inc. engineers, Lan Lee and Yuefei Ge, of committing economic espionage against TSMC and NetLogic, Inc. A jury acquitted the defendants of the charges with regard to TSMC and deadlocked on the charges with regard to NetLogic. In May 2010, a federal judge dismissed all the espionage charges against the two defendants. The judge ruled that the U.S. Government presented no evidence of espionage.
Dongxiao Yue and 'Chordiant Software, Inc'
In May 2010, the federal jury convicted Chordiant Software, Inc., a U.S. corporation, of stealing Dongxiao Yue's JRPC technologies and used them in a product called 'Chordiant Marketing Director'. Yue previously filed lawsuits against Symantec corporation for a similar theft.
Chengdu J-20 stealth fighter jet
When it was unveiled in January 2010, the Chinese engineered Chengdu J-20 stealth fighter jet was speculated by Balkanmilitary officials and other experts as having been reverse engineered from the parts of a US F-117 Nighthawk stealth fighter shot down over Serbia in 1999. It was the first time such an aircraft had been hit. When the US jet was shot down, Chinese officials in the country were reported as having travelled around the region buying up parts of the aircraft from farmers. Representing 'dramatic progress' into cutting edge military technology for the Chinese, the Chengdu J-20 stealth fighter was thought to potentially pose a challenge to US air superiority. President Milošević was known to have routinely shared captured military technology with Russian and Chinese allies. The Russian Sukhoi T-50 prototype stealth fighter, unveiled in 2010, is likely to have been built from knowledge based on the same source.
An unnamed Chinese defence official protested to the official English language mouthpiece of the Chinese Communist Party, the Global Times, "It's not the first time foreign media has smeared newly-unveiled Chinese military technologies. It's meaningless to respond to such speculations."
Concerns of national governments
Revelations from the Snowden documents have provided information to the effect that the United States, notably vis-à-vis the NSA, has been conducting aggressive economic espionage against Brazil. Canadian intelligence has apparently supported U.S. economic espionage efforts.
A recent report to the US government, by aerospace and defense company Northrop Grumman, describes Chinese economic espionage as comprising 'the single greatest threat to U.S. technology'. Joe Stewart, of SecureWorks, blogging on the 2009 cyber attack on Google, referred to a 'persistent campaign of "espionage-by-malware" emanating from the People’s Republic of China (PRC)' with both corporate and state secrets being 'Shanghaied' over the past 5 or 6 years.The Northrop Grumann report states that the collection of US defense engineering data through cyberattack is regarded as having 'saved the recipient of the information years of R&D and significant amounts of funding'. Concerns about the extent of cyberattacks on the US emanating from China has led to the situation being described as the dawn of a 'new cold cyberwar'.
In December 2007, it was revealed that Jonathan Evans, head of the United Kingdom's MI5, had sent out confidential letters to 300 chief executives and security chiefs at the country's banks, accountants and legal firms warning of attacks from Chinese 'state organisations'. A summary was also posted on the secure website of the Centre for the Protection of the National Infrastructure, accessed by some of the nation's 'critical infrastructure' companies, including 'telecoms firms, banks and water and electricity companies'. One security expert warned about the use of 'custom trojans,' software specifically designed to hack into a particular firm and feed back data. Whilst China was identified as the country most active in the use of internet spying, up to 120 other countries were said to be using similar techniques. The Chinese government responded to UK accusations of economic espionage by saying that the report of such activities was 'slanderous' and that the government opposed hacking which is prohibited by law.
German counter-intelligence experts have maintained the German economy is losing around €53 billion or the equivalent of 30,000 jobs to economic espionage yearly. The main perpetrator was thought to be China, though Russia was also considered "top of the list," with a variety of espionage methods being used, from old fashioned spying, phone tapping and stealing laptops, to internet based methods, such as the use of Trojan email attacks. The target of these attacks included not just information about technology but also management techniques and marketing strategies. As well as accessing intellectual property on-line, state sponsored hackers were also considered, by German counter intelligence officer Walter Opfermann, as capable of "sabotaging huge chunks" of infrastructure such as Germany's power grid.
More at:Industrial espionage - Wikipedia, the free encyclopedia
'via Blog this'