Thank you for sharing!

Your article was successfully shared with the contacts you provided.
Electronic economic espionage and the plundering of trade secrets via cyberspace are the subjects of a U.S. government report released Thursday. Chinese and Russian actors are the primary culprits, according to the report, and among their principal targets are U.S. companies whose business information and know-how are seen by foreign countries as “essential” to achieving their own national security and economic prosperity. “The pace of foreign economic collection and industrial espionage activities against major U.S. corporations and U.S. government agencies is accelerating,” states the report, produced by the Office of the National Counterintelligence Executive. “Foreign intelligence services, corporations, and private individuals increased their efforts in 2009-2011 to steal proprietary technologies, which cost millions of dollars to develop and represented tens or hundreds of millions of dollars in potential profits.” Topping the list of proprietary information prized by these cyberspies are: information and communications technology; military technologies for marine systems and aerospace/aeronautics; clean energy technologies; health care and pharmaceuticals information; and agricultural technology. Business information about supplies of scarce natural resources or data that would offer foreigners an advantage in negotiations with U.S. companies and the U.S. government are also coveted. Reports on economic espionage are delivered to Congress every two years, and this year’s update made waves in the press and diplomatic channels for it open accusations of China and Russia for engaging in thefts and attacks. The report also identifies the role that U.S. corporations play in the equation—both as unwitting prey and as victims who are averse to coming forward to law-enforcement officials. “Many companies are unaware when their sensitive data is pilfered, and those that find out are often reluctant to report the loss, fearing potential damage to their reputation with investors, customers, and employees,” say the authors. The lack of reporting hinders the ability of the U.S. government to identify hackers and other bad actors, according to the report. While there exists no legal requirement “to report a loss of sensitive information or a remote computer intrusion,” the report notes that the private sector does already have “ a fiduciary duty to account for corporate risk and the bottom-line effects of data breaches, economic espionage, and loss or degradation of services.” Chief executive officers and boards of directors have “key responsibility” for ensuring “that the protection of trade secrets and computer networks is an integral part of all corporate decisions and processes,” the authors write. At the same time, the authors say, the company’s legal officers and human resources officers—and “not just security and information systems officials”—are “key stakeholders” in those processes. Economic espionage threats extend beyond the company’s firewalls, too, when employees transfer or store data on “cloud sites, home computers, laptops, portable electronic devices, portable data assistants, and social networking sites.” In addition, “e-mail remains one of the quickest and easiest ways for individuals to collaborate—and for intruders to enter a company’s network and steal data.” The report raises red flags about employees who could be co-opted by foreign actors, or who would be inclined to steal or leak information—particularly those who have recently left the company. The report lists best practices to counter insider threats, including:

ALM Legal Publication Newsletters

Sign Up Today and Never Miss Another Story.

As part of your digital membership, you can sign up for an unlimited number of a wide range of complimentary newsletters. Visit your My Account page to make your selections. Get the timely legal news and critical analysis you cannot afford to miss. Tailored just for you. In your inbox. Every day.

Copyright © 2017 ALM Media Properties, LLC. All Rights Reserved.