Industrial espionage is not a new concept. Companies have been wanting to know the secrets and strategies of their competitors since the birth of corporations and this pre-dates the industrial revolution itself.
Industrial espionage is when a company uses different kinds of data breaches to access the intellectual property of another company without permission and for competitive advantage.
Industrial espionage could be done digitally by hacking into a company’s system, or it can be done through individuals working for the victim company stealing and selling their secrets.
Examples of Cases
The Micron case saw $8.75 Billion in American patented computer chips pilfered in an act of industrial espionage. In this case, a Chinese-backed company allegedly stole the industrial secrets from Micron, who manufactures components for approximately one out of every five cameras, smartphones, televisions, and motor vehicles. There is even a good chance that there is a micron chip in the device that you are reading this on.
In this case, the mere accusation of industrial espionage had repercussions that reverberated throughout the network. Huawei was charged with 23 violations in January 2019. Shares in companies that supply Huawei with manufacturing components included TSMC whose shares fell almost 2.5% at the announcement, and Foxconn Industrial Internet whose shares fell just under two percent.
Global Economic and Political Repercussions
Industrial espionage is especially prominent in contemporary discussions about relationships between the United States and China. Perceived incidents of a data breach for companies in the United States often find the source of the breach to be based in China or at least executed by a company with Chinese interest. This has caused significant global economic and political tension well beyond the borders of the two countries.
Effect on Supply Chain Businesses
The main source of a data breach is often with the third-party suppliers of major corporations, whose IT infrastructure is left vulnerable to be tampered with from external sources. For example, an advanced Chinese cyberespionage campaign targeted third party IT suppliers around the world, which were seen as stepping stones to bigger and more lucrative targets.
This campaign known as “Cloud Hopper” did not actually achieve this, but many of these third parties were still handling some highly sensitive data that was accessed. This activity makes corporations wary of smaller businesses and makes it more difficult for emerging companies to compete in a world that is more and more under strain from external pressures.
Such external pressures include industrial espionage. Small businesses are left to either invest in more secure information technology or be left behind. Such upgrades are often costly.
Industrial espionage is definitely a risk to be taken seriously, and there are steps that can ensure that the exposure of your business to that risk is limited.
Take a look at what your company has in the way of secret formulas and any potential matters that can be targeted for espionage. These need to be kept very secret. Assess how big the secrets of your business are, and what would happen if that information were in the hands of others.
Your company needs to form a policy for all management and employees to adhere to around sharing data, suitable platforms for use, hardware that is permissible to connect to your network, and the strict use of systems. Best practices are the best way to ensure that your company is safe.
The best number of people to keep a secret is one. This doesn’t always work in business, but limiting the number of people who have access to critical information is always advised. Senior management obviously needs to know what is happening within the company. The lower-tier employees may not necessarily need access. Form a strict policy around who needs to know and have access to what information.
The World Trade Organisation has strict rules around trade-related aspects of intellectual property rights. However, the organization to date has done little in the way of combating and building protections around industrial espionage. This is most likely because the nature of industrial espionage is by definition, spying. Companies who participate in espionage aren’t exactly eager to report on their espionage to authorities. The onus is on the corporation to ensure that their business remains safe.
The effects of industrial espionage can be wide-ranging. This usually means a loss of profit for the victim company, and can affect the suppliers and customers of both companies, depending on the outcome of the espionage. This modern evil is a growing monster that does indeed negatively impact global supply chains. However, we also live in a world where modern technology comes to the rescue to combat such evils. Companies need to stay abreast of such technology to ensure they remain secure.
About the Author: David Lukić is an information privacy, security and compliance consultant at IDstrong.com. The passion to make cyber security accessible and interesting has led David to share all the knowledge he has.