Cybercriminals are making the shift from focusing on the stealing of personal information to the targeting of corporate intellectual property, recognizing that there is tremendous value in the sale of proprietary information and trade secrets. While some high-profile cases where cyber espionage leads to the compromise of classified materials make the headlines, the larger threat is to the enterprise through the pilfering of technology-related information that is otherwise unclassified. To combat the increase in operations designed to glean sensitive trade secrets, an FBI-supported program called RED DART has been created to better educate the private sector on counterintelligence techniques.
“Everybody wants to emulate U.S. technology. If countries can shortcut 10 or 20 years’ worth of research and development by stealing our technology, that puts them at an obvious advantage,” said Naval Criminal Investigative Service special agent Brent Underwood in an FBI press release.
RED DART seeks to stem the tide of intellectual property theft through educational briefings which are being provided to defense contractors and other strategic technology producers with the hopes it will make it more difficult for other nations and foreign competitors to take developmental shortcuts by stealing technology that would otherwise take decades to develop, a problem that significantly undermines national security and economic stability.
“A big part of our program is putting information out there about the threat so that people understand just how serious it is. When a company’s trade secrets are compromised, it can threaten national security, but it can also hurt that company’s bottom line and its ability to keep people employed,” said FBI Special Agent Lou Velasco, RED DART's coordinator.
RED DART briefings focus a a wide variety of vulnerabilities, which may include insider threats posed by foreign nationals who are planted by other countries with the intent to pilfer trade secrets, or those who pose as potential investors or customers in order to gain access to otherwise confidential information. The program also focuses on educating the enterprise about bolstering network security defenses to defend against the ever present threats from hackers.
“Our core constituents are early-stage companies... trying to raise money and get their product to market. They don’t have much time or the resources to consider security risks. If RED DART can get them to understand these risks, it helps everybody. When they realize that all their efforts could be for naught if their technology is stolen or compromised, it can be eye-opening for them,” said Griff Kundahl, executive director of the Center of Innovation for Nanobiotechnology, which works in tangent with the RED DART program.
“Our challenge is to show how real the threat is. We arm people with tools so that they can make appropriate business decisions,” Velasco added. Some of the basic recommendations the program focuses on to protect trade secrets include:
- Identifying trade secrets and implementing a plan for safeguarding them
- Securing both physical and electronic versions of trade secrets and confining intellectual knowledge to a need-to-know basis
- Providing training to employees about the company’s intellectual property security policies and raising awareness of e-mail tactics such as spear phishing
- Not storing private information vital to the company on any device that connects to the Internet
- Asking the FBI or other agencies to provide additional awareness training for the enterprise
RED DART programs are now available in Virginia, South Carolina, and Mississippi, and the program is expected to be expanded to other regions.
“When RED DART helps a company protect itself a little better, it not only helps them, it helps our national security,” said Michelle Brody, a special agent with the Defense Security Service and a founding member of RED DART.