Holding on to Your IP Aces / by William Ellwood, EnCE

Image courtesy of Boians Young, FreeDigitalPhotos.net

Image courtesy of Boians Young, FreeDigitalPhotos.net

In today’s world, digital information is power. Sometimes you’re left guessing about how your opponent has got its digital information. The only way to make sure you’re not a victim of your opponent's power: always check your surroundings.

Take the NSA’s recently revealed PRISM program, for example. If you’re an American citizen, great. In theory, you’re protected from PRISM, provided their systems determine that you’re ‘American’ enough. Everyone else is unprotected. If you are tagged as foreign, upstream packet collection - i.e. the viewing of data as it travels through the internet’s ‘pipes’ - makes your communications open to snooping. This isn’t news. But reminds us that, if “information is power”, your information can be their power.

The worry about PRISM is warranted, because it stokes fears of government overreach. For you and me, however, the heart of the issue is the security of our corporate information.

General Michael Hayden described it well at the 2013 Computer and Enterprise Investigations Conference, one of the largest conferences of its kind (which ellwood Evidence Inc. investigators regularly attend). Gen. Hayden observed that, in the cyber domain, there were three distinct classes of actor. They are, in descending order of capability:

  1. governments, who use cyber to collect intelligence and conduct investigations,
  2. cyber gangs and criminal entities, who profit from wrongful activities, either monetarily or for the thrill of exacting vengeance for perceived injustices, and finally,
  3. corporations, the guys who just want their technology to work so they can get on with day-to-day business.

Gen. Hayden has some authority here. He’s the former Director of both the NSA and CIA. He says it’s fine for governments to go toe-to-toe with each other. Ditto for various cyber gangs, vying with each other for supremacy. They’re in a fair fight.

But higher tier players are increasingly going after companies. They’re interrupting business. Stealing trade secrets. Wreaking havoc.

Imagine bidding for a contract with a competitor who knows as much about the content of your bid as you. A private research group recently claimed that Chinese corporate cyber theft of American intellectual property accounted for more than $300 billion loss to the US economy. Persistent, undetected access to corporate networks is the goal of these government and corporate espionage groups. They collect and monitor internal documents and communications for a competitive advantage.

Such cyber attacks will be at the forefront of diplomatic discussions in the coming years. But in the words of Gen. Hayden, “the cavalry isn’t coming.” For the time being, business are on their own in the increasingly complex and risky world of internet security. Tier-one government tools, like the Stuxnet worm that destroyed many of Iran’s nuclear refineries, are being teased apart and repurposed by tier-two players for use against tier-three companies.

So consider the value of information within your private network: client lists, intellectual property, strategic plans, the recipe for your secret sauce. How much is that worth to you? How much would it cost if your opponent were to get it. Those are the stakes in this game. Always check your surroundings.