Report highlights links between cyber espionage and IP theft

The US National Counterintelligence and Security Center (NCSC) has described 2017 as a “watershed year” for reporting of hacking that is linked to IP theft, in a document shared last week.

The NCSC, which works with the public and private sectors, warned of the threat of trade secrets theft via cyberspace in its “2018 Foreign Economic Espionage in Cyberspace” report, released on Thursday, July 26.

Despite advances in cyber security, cyber espionage is a “relatively low-cost, high-yield avenue to obtain a wide spectrum of US IP”, the NCSC explained.

According to the NCSC, emerging technologies such as artificial intelligence and the internet of things offer great opportunities, but they also “introduce new vulnerabilities to US networks for which the cyber security community largely remains unprepared”.

The report identified companies that require access to control points of computer networks as being particularly vulnerable because such activities present the opportunity for foreign nations to access sensitive information.

It added that industries such as energy, biotechnology, and communications are of the greatest interest to foreign actors.

Last year there were “numerous events involving hackers targeting software supply chains with backdoors for cyber espionage”, the NCSC said, adding that “2017 represented a watershed year for public reporting of such incidents”.

Laws in foreign countries including China and Russia pose an increased IP risk to US companies, the NCSC added.

It noted that China requires foreign companies to submit their technology to the government for national security reviews, and Russian intelligence services have the ability to check and approve foreign technology sold in the country.

William Evanina, director of the NCSC, said the aim of the report is to provide US industries and the general public with “information on foreign efforts to steal US trade secrets through cyberspace”.