7/30/2019 Preventing Industrial Espionage

1/3

SECURITY ENFORCEMENThttp://www.nowellgroup.com

Industrial espionage is no new economic threat. Today it is estimated that 70 percent of an average enterprises

value is held inside its information systems (source: Trends in Proprietary Information Loss, American Society

for Industrial Security and PricewaterhouseCoopers, 1999). Enterprise leaders must continue to decisively

address the threat posed by corporate espionage and other methods of information security breaches. According

to the FBI, industrial espionage costs U.S. companies anywhere from $24 billion to $100 billion annually [1].

In another survey by the American Society for Industrial security, the potential monetary losses as a result of

security lapses costs American industries as much as $63 billion [2].

Last, in an anonymous survey by the Computer Security Institute (CSI) and the FBI, over 50 percent of

information security professionals cited corporate competitors as likely sources of cyber attack [3]. Corporate

Espionage is a reality in this age of the Internet and the global economy. Economic and industrial espionage

occurs around the world and U.S. Companies are prime targets, not to mention, easy ones [2].

For example, in some foreign countries the philosophy says, why spend 10 years and $1 billion on research and

development when you can simply bribe a competitors engineer for under a million and get the same results?

[2]. Furthermore, some foreign governments have asked their officials to close the technology gap by making

better use of industrial intelligence in doing so according to Senate select committee on Intelligence

Chairman Sen. Arlen Specter, who earlier spoke at a hearing on this issue [2].

It is evident that the threat of corporate espionage is very real and occurs frequently, here on U.S soil, in our

offices and sadly, sometimes by our own employees. However, the greatest problem is that of

by some information managers. Most information managers and company owners simply dont

believe that their organizations could be targets of Industrial Espionage [1]. If a company is not in the defense

industry or if the organization is very small, often the thinking goes that no one will ever come after us. Thisall-too-common attitude is a crooks best weapon because he will strike hardest when you least expect it [1].

In fact, any company that is publicly traded, involved in an on going litigation, related to government strategy,

possessing intellectual property, or holding customer profile information (such as brokerage firms, banks,

insurance firms, etc) face the risk of becoming victims of corporate espionage.

According to industry surveys like the 2000 Computer Crime Report by the FBI and the Computer Security

Institute, insiders are considered to be the biggest threat to computer security. Seventy-one percent of the

companies surveyed have experienced unauthorized access by insiders [2]. This implies that corporations,

government agencies and research institutions are increasingly vulnerable to insider espionage [2].

A seemingly trustworthy, law-abiding company insider fits the perfect profile of a corporate spy and could be

your worst enemy. A fraudulent person could be anybody in a corporation, spanning anyone in the ranks from

1

7/30/2019 Preventing Industrial Espionage

2/3

senior management executives, to office workers, down to janitorial staff. The common methods that facilitate

corporate espionage among insiders include [2]:

Bribery of employees by outside corporate intelligence agents. Manipulation or social engineering of IT personnel to divulge information such as logon or other

authentication information, which can be used to obtain access to sensitive information. Sometimes

criminals pose as authentic users, and by simple phone calls, they request a password change with littleor no verification by the administrator on the other end.

Disguise of voice or facial attributes in order to look or sound like someone else. Group collusion and password sharing; where several employees come together to illicitly share their

privileges to gain access to sensitive information.

External methods are also common and are usually safeguarded by traditional firewalls. However, firewalls and

secure login procedures do not solve basic security holes such as password theft, or deliberate policy violation.

Computer attackers acquire passwords by a variety of means such as through password cracking programs,

backdoors and Trojan horses, packet spoofing, sniffing, keystroke loggers, etc, and sometimes by meremanipulation and deceit of IT personnel via the phone or through falsified emails.

How can we protect our financial data, intellectual property information, and trade secrets from getting into

the wrong hands? The threat of espionage is clearly evident, so the real question is-how do we stop it? Well first,

can a company truly protect itself from security threats inside the firewall? The answer is yes- through an

inner shield of insider security agents. What most security sensitive organizations need is an Inner Security

Shield; a system of insider agents that lie in-between corporate users and computer systems. At Nowell, we have

developed this insider system that addresses both external intruders and internal spies. Shalom Counter-

Espionage Software preemptively and proactively defeats internal security threats.

Let's assume, John, a company employee has access to his companies customer financial records database. If an

attacker is able to steal access to Johns computer account, it is likely that the attacker will exhibit behavior that

is very much unlike John. Shalom was designed to detect such abnormalities in real-time and confront users

behaving suspiciously. Shalom is an espionage-fighting security system that is dynamic, and secures multiple

users at the same time independent of what operating system they are using.

Some companies have been hit very hard by electronic espionage incidents, and statistics show that the numbersare steadily climbing [1]. In 1999, Fortune 1000 companies reported a total of $45 billion in losses due to

corporate espionage (Trends in Proprietary Information Loss, American Society for Industrial Security and

PricewaterhouseCoopers, 1999). It is important that we curb this problem by providing insider security agents

that identifies corporate spies and stops them while in the act of carrying espionage activity. Our system not

only identifies crooks, but also expunges intruders before administrators start investigating.

2

7/30/2019 Preventing Industrial Espionage

3/3

3

Shalom starts off by first learning how users behave (applications used, time of use, accessed networks, physical

location, etc) on their computers. For each user, Shalom masters their behavioral patterns and has the ability to

detect deviations, or user anomalies that intruders and bad insiders always exhibit.

Shalom also learns multiple specifics by interviewing each user using artificial intelligence. Here, Shalom talks

with each user in natural language. Users tell Shalom whatever they wish in an encrypted private session shared

with no one. This information is later used to interrogate suspects who exhibit suspicious activity.

When Shalom sees a user behaving way out of the norm, Shalom questions the suspect using information

obtained earlier from the real, authentic user. If the suspect is able to verify their identity by passing the

interrogative investigation, Shalom releases the user, but still reports. Administrators can later review these

reports to check for possible unauthorized insider activity.

On the other hand, if the suspect fails, or runs away, Shalom immediately ejects the intruder and informs other

Shalom agents to keep the compromised account locked out.

Shalom also reports the incident giving full details for further investigation. Shalom employs proven

mathematical models to distinguish between normal and suspicious user activity. This inspection process is

dynamic and held concurrently for all users at the same time everywhere on the network.

In conclusion, deploying Shalom agents provide you with an inner shield of insider security agents to protect

your company information from corporate spies and intruders. To say the least, a company using Shalom will

be better secured from threats within the firewall and the risks associated with corporate espionage are greatlyreduced.

For more information on Shalom, insider threats, and corporate espionage visit our Internet site at

www.nowellgroup.com

1. Ira Winkler, Corporate Espionage: What It Is, Why Its Happening in Your Company, What YouMust Do About It,

Prima Publishing, Rocklin California, Jun 1997.2. Ben N. Venzke, Economic Industrial Espionage", http://www.computerconsultants.com/news1.htm,

July 14th 2002.

3. Richard Power, Richard Power On Corporate Espionage,http://www.techtv.com/cybercrime/print/0,23102,12005,00.html,

September 15th 2000.

http://www.nowellgroup.com/http://www.nowellgroup.com/http://www.nowellgroup.com/