|
| |
Russia, Spy Mania and Industrial Espionage: From Main Street to the Boardroom
|
|
| |
|
|
August 15, 2010
Since 9/11, the United States of America has kept its primary political, military and security eye firmly trained on the Islamic world. For nearly a decade, we have been focused on wars in Iraq and Afghanistan as we confronted the reality that foreign-inspired terrorism had hit violently home in American cities. We as a country forgot our Cold War enemy and became engrossed with a powerful new enemy, al Qaeda and radical Islam.
Russia, however, has not been similarly diverted, and its rivalry with the United States has only intensified over the past decade or two. From the chaotic post-Soviet period to the financially reinvigorated era of recent years, Russia has continued to view the United States as both competitor and enemy. During the 1990s, while Russia was evolving from a totalitarian dictatorship to a fragile democracy and its economy moved from communism to capitalism, the West considered the Cold War over. However, as evident by the recently convicted and swapped Russian spy ring residing in the United States, Russia's adversarial stance towards the United States is still very much alive. It is apparent that Moscow continues to see Washington as trying to contain or break Russian power with United States military installations in Central Europe and Central Asia, the expansion of NATO to the periphery of Russia, and the establishment of bilateral security with former Soviet states influenced by multi-colored revolutions ushering in various editions of democracy. This issue of The Lipman Report® will analyze the roots and development of Russian spy operations, examine the ongoing threat of industrial espionage - from the costly theft of trade secrets and sensitive information, to counterfeiting and piracy - and provide targeted recommendations for minimizing these threats.
The arrest on June 28, 2010, of 11 Russian spies, a network of undercover agents that on the surface appeared to be living ordinary American lives - gardening, selling real estate and even using popular social networking websites such as Facebook under assumed identities - begs the question: Has anything really changed?
According to senior United States intelligence and law-enforcement officials, Russia runs more than 100 known spies under official cover in the United States. Additionally, there are an unknown number of so-called NOC - operatives who work under non-official cover as businessmen, journalists or academics - which have undoubtedly expanded the Russian spy force in the homeland. Emboldened by the liberalized visa rules that have been in place since the end of the Cold War, this force is free to move about the country undetected, recruiting and passing information along to their handlers.
Russia has a rich and storied history of espionage. Russia's first political police - the distant ancestor of today's version of the KGB - was the Oprichnina, founded in 1565 by Ivan the Terrible, the first Grand Duke of Muscovy to be crowned Tsar. Following the 1881 assassination of Tsar Alexander II by a group called the People's Will, the Okhrana, a newly formed secret police, became responsible for all aspects of state security. The Okhrana was unique in the Europe of its time both for the extent of its powers and the scope of its activities; while other European police forces operated under the law, the Okhrana was a law unto itself. During this period, Tsarism depended on the omnipotence of the Okhrana for its survival. By subsequent Soviet standards, however, the powers of the Okhrana were used on a relatively modest scale. The Okhrana evolved into the Cheka, founded by Felix Dzerzhinsky on December 20, 1917, during the Bolshevik revolution. The KGB was subsequently established in 1954 and during the Mikhail Gorbachev period of perestroika - rebuilding - and glasnost - openness - the responsibilities of the KGB were divided between the FSB and the SVR. Today, the FSB is responsible for internal security while the SVR is in charge of overseas espionage.
The Russians have used "illegals" such as the 11 operatives in their espionage activities since the October 1917 revolution. Operated by the infamous Line N of the KGB, illegals are the "golden boys" of Russian intelligence activities. They are costly, time consuming, sensitive and difficult to run - and for these reasons, the Soviets never use them for simple operations. Illegals are provided false identities and documentation, seek citizenship or legal resident permits of target countries and pursue degrees at target country universities, obtaining employment and joining relevant professional organizations. They aim to hide all connections between themselves and Russia, even as they act at the direction and under the control of the SVR. Gathering data on individuals who can later be recruited as spies is one of their primary goals, and they are often referred to as "spotters." In the event of a cessation of diplomatic ties or the advent of hostilities, illegals deal directly with agents and spies, providing confidential information and sometimes becoming involved in sabotage or internal military activities. In short, they are recruiters who are "on call."
During the 1920s and 1930s, the Soviets developed a unique model of espionage, placing undetectable illegals in key positions. Soviet talent scouts would range around left-wing meetings and universities to discover potential recruits - young people with impeccable backgrounds and limited contact with the left. These potential agents would be lured based on ideology, and less often via money, sex or blackmail. The new recruits would apply for jobs in their countries' intelligence services, foreign or defense ministries, or other sensitive positions. Their strong family and academic backgrounds would help them find employment in these types of sensitive positions, where they would remain for 20 or 30 years while they rose in the ranks, often aided with bits of information from the Soviet side. During the Cold War, the Soviets even opened a university in Moscow, Patrice Lumumba University, to educate the best and the brightest from the Third World. These graduates would return to their homelands as potential leaders, converted communists and possible intelligence recruits. Illegals are the hardest spies for the FBI to catch because they take civilian jobs with no visible connection to a foreign government, rather than operating from government jobs inside Russian embassies and military missions.
The recent guilty pleas of the 11 Russian agents are clearly an embarrassment for the SVR, an agency painstakingly rebuilt from the post-Cold War ruins by former President and current Prime Minister Vladimir Putin - somewhere, the ghosts of former KGB Directors such as Dzerzhinsky, Beria and Andropov are turning in their graves. These 11 men and women share a long legacy with legendary Soviet moles and sleepers in the use of their tools: invisible ink, dead drops, buried cash, Morse code, coded radio transmissions, encrypted data and even steganography to encode secret text messages in image files on short-range wireless communications between laptop computers. This is a far cry from the hollowed-out nickels used by captured Soviet spy Colonel Rudolf Abel in the 1950s to conceal and deliver microfilm.
There is ample evidence that the SVR put considerable effort into this operation, obtaining false identities and spending hundreds of thousands of dollars. The decade-long spy ring was an ambitious effort by the SVR to plant Russian spies in the United States to gather information and recruit more agents. If it was officially sanctioned, this operation suggests there are deeper hostilities and more complex problems in American-Russian relations than have been believed, or can be easily mended. The agents were here not to proselytize the philosophy of communism, but to establish a long-term espionage infrastructure, potentially to achieve political, military and economic goals for Russia against the United States.
With an impending resurgence of foreign espionage, particularly in light of the current economic dislocation and stress, the private sector must also be on high alert for instances of industrial espionage, sabotage and the security of its intellectual property. Though industrial or corporate espionage is conducted for commercial purposes, it can certainly impact national security, both through theft of information and financial losses. Industrial espionage is as real a threat as terrorism or environmental disasters.
The term "industrial espionage" is not to be confused with what is called "competitive intelligence" - legal and ethical activities such as examining corporate publications, websites and patent filings to determine the activities of a corporation. Industrial espionage describes criminal activities such as the theft of trade secrets, bribery, blackmail and technical surveillance, and is most commonly associated with technology industries, aviation and satellite companies and the computer industry. Pharmaceutical and heavy industries, particularly the automobile sector, are also targeted. There is another threat that has not yet grabbed the headlines or captured the public imagination, but is efficiently looting, pillaging and plundering the United States and global economies - the theft of trade secrets.
This silent and invisible hemorrhaging of intellectual knowledge and trade secrets could seriously damage our economy and jeopardize America's pre-eminent position in the global economic world. According to a study by USA for Innovation, intellectual property in the United States alone carries the value of $5 trillion, equivalent to 45 percent of the gross domestic product. The United States Commerce Department estimates that intellectual property damages exceed $250 billion annually and cost the United States approximately 750,000 jobs per year, while the International Chamber of Commerce puts the annual global fiscal loss at more than $600 billion.
Not only does the United States still face the threat of spy vs. spy - what is known as a "symmetrical threat," a threat from professional spies, but it is now faced with what is called an "asymmetrical threat," a threat from a variety of subtle, unknown sources such as students, delegations, visitors, researchers, false-front companies and partnerships whose aim is to obtain corporate America's proprietary and intellectual information. This broader, more complex threat is infinitely more difficult to identify and directed at corporations throughout America in all states.
The threat of economic espionage falls into three broad categories:
- Insiders and competitors targeting companies
- State-sponsored trade secret theft
- Counterfeiters and pirates targeting products
Economic espionage or intellectual property theft conducted by insiders or competitors are the most tangible, common and destructive threats. Such a threat can take many forms: an employee, a member of the management team, a corporate board member, a third-party contract manufacturer or a collaborate partner in a joint venture.
The second category, state-sponsored economic espionage and intellectual property theft, represents the most sophisticated and formidable threat. The United States Intelligence Authorization Act defined foreign industrial espionage as industrial espionage conducted by a foreign government or foreign company - with the direct assistance of a foreign government - against a private American company, aimed at obtaining commercial secrets. Using their law enforcement and intelligence services, nation states routinely engage in economic espionage to acquire the needed technology to boost military programs or advance the economic competitiveness of their industrial base.
Industrial espionage is carried out in many ways. Traditional methods of espionage include classic agent recruitment from among American citizens or illegal aliens residing in the United States, surveillance, surreptitious entry and specialized technical operations. Additional methods may also involve the use of foreign students studying in the United States, foreign employees of American firms or foreign visitors to the United States who are debriefed on return to their home country. Recruitment of émigrés, suborning or threatening Americans with foreign family ties, and elicitations during international conferences and fair trades are also common techniques. And a recent survey conducted by the National Counterintelligence Center among Fortune 500 company officers extended this list with the following: people breaking away from tour groups, personnel attempting access after normal working hours, companies supplying different personnel at the last minute for agreed-upon projects, theft of laptops, foreign customs holding laptops for a period of time to extract data, information gathering and recruitment at social events, the searching of trash and discarded materials, and intercepting non-encrypted Internet messages.
Computers have become a central vehicle for industrial espionage due to the enormous amount of information they contain and its ease of being copied and transmitted. The chief vulnerability lies in that the transfer of information often lacks the security mechanisms that sensitive data demands, thus making the risk of leakage very possible, especially when information is time-critical and needs to be shared between business partners, confidants, engineers, scientists or designers.
The third category, counterfeiting and piracy of products, is often sponsored by organized criminals and continues to plague economies around the world. The United States Chamber of Commerce estimates that counterfeit and pirated products make for five to seven percent of the global economy, and results in the annual loss of more than 750,000 jobs and approximately $250 billion in sales within the United States. Firms are increasingly at risk of having major products copied, key efforts sabotaged and highly sensitive information compromised.
The following is recommended to reduce risk of stolen information and assets:
Investment: Invest in protective resources commensurate to the value of the asset being protected.
Organization: Where and to whom the security department reports within an organization is critically important. Your chief security officer, responsible for personnel security, physical security and information security, should not be a stranger to the boardroom, but maintain open communication at all levels within the organization.
Awareness and Education: Educate your entire workforce, particularly executives, managers and technical personnel, about the threats of economic espionage, intellectual property theft, counterfeiting and piracy.
Personnel Security: Implement a personnel security program that includes both pre-employment background investigations and effective termination procedures.
Information Security: Recruit certified information security professionals. Adopt strategic information security technologies, such as firewalls, intrusion detection, encryption and authentication devices. Focus on the importance of data retention and data destruction as well as data access.
Physical Security: Secure the premises to prevent an unscrupulous competitor or foreign government from physically stealing important technology and products.
Intelligence: Know your competition, partners and customers. Keep abreast of the latest trends in hacking, organized crime, financial fraud and state-sponsored espionage.
Industry Outreach: Share information by becoming involved in groups related to your industry and environment. Keep current with fellow security professionals to follow the attacks or threats they are encountering.
Government Liaison: Obtain expert legal advice on intellectual property issues.
The United States economy faces an abundance of threats, including spiraling energy costs, corporate governance abuses, staggering federal deficits, foreign ownership of the national debt, the loss of jobs to offshore outsourcing and the ongoing impact of disasters, both terrorist-related and environmental. The recent capture of 11 Russian spies, however, is a clear and resounding wake-up call. As this incident illustrates, there continues to be hostility and resentment towards the United States from a variety of sources. The American counterintelligence community expects no decline in foreign intelligence activities, while efforts to stem the flow of information are becoming more difficult in the current age of globalization. The risks of economic espionage, intellectual property theft, counterfeiting and piracy are pervasive, dangerous and increasingly common.
America is under economic attack - almost 100 separate countries are currently attempting to acquire sensitive American information. State-sponsored economic espionage and intellectual property theft are global issues, not unique to businesses or researchers. When an insider is supported by an intelligence infrastructure such as the one the 11 agents attempted to establish in the United States, the activity or operation becomes even more sophisticated, menacing and potentially damaging, while the ability to detect or defend against it is often beyond the means of most corporate security mechanisms. Organizations within the private sector can choose to be hard or soft targets and must take strategic, proactive measures to protect information and assets from foreign enemies who aim to empower themselves by taking what is not theirs, draining our resources in the process. The time for urgency is now.®
|
|
|
|
