“Ask not what your country can do for you, ask what you can do for your country.”
-John F. Kennedy
We are all born with a desire to accomplish something bigger than ourselves; but none of us are imbued with the powers of the Tesseract, nor are we all cyber threat analysts with the military. Most of us are protecting the systems and assets of the organization giving us a paycheck. It’s hard to see the altruism and heroism in that.
I’d like to dispel that perception right now: IT security is a matter of national security – full stop. The role we play in protecting the intellectual property (IP) of our organization has a direct impact on the security of our nation – both in terms of protecting critical infrastructure and our nation’s economic instruments of power.
Part 1 of my National Cyber Security Awareness Month blog series directly addresses the long game being played by nation-states against our national security. The rest of the series will lay out several Active Directory security guiding principles we should all follow to do our part in protecting our organization’s trade secrets and our nation’s security.
- Part 2: Reduce your attack surface
- Part 3: Revisit group policy management often
- Part 4: CONSTANT VIGILANCE a.k.a. monitor and alert
- Part 5: Quickly investigate, remediate and recover (this one)
The value of intellectual property in the race for global power
“The theft of IP remains a grave threat to the United States,” warns the IP Commission Report, whose mission is to document the cause and scale of international affecting the U.S., identify perpetrators, and propose strong U.S. policy responses to mitigate damages and obtain greater enforcement.1 The IP Commission is just one of numerous federal agencies designed to stop IP theft; and numerous countries around the globe have similar agencies and associations to serve the same purpose.
Why?
Because IP theft costs businesses around the globe trillions of dollars a year. In the U.S. alone, the economic impact of trade secret theft is estimated as high as 3% of GDP or $540 billion according to the latest IP Commission Report.1
IP theft robs our nation and other nations of jobs and tax revenues, impacting our economy and our ability to compete for resources on the global stage.
FBI assistant director for counterintelligence, Bill Priestap, said in a statement before the Senate Judiciary Committee: “Economic strength is the foundation of national power.”2
This is an echo of a similar statement President Woodrow Wilson gave in 1919: “A nation that is boycotted is a nation that is in sight of surrender. Apply this economic, peaceful, silent, deadly remedy and there will be no need to force.”3
Or think about it this way, a strong economy gives a nation negotiation power, tariff and sanction leverages, stronger diplomatic relations and more foreign economic aid to further alliance building.
IP theft as a strategy for nation states
For the reasons stated above, nation states are playing an economic long game with their adversaries. Many of these countries are no longer interested in the quick wins, and are focused on building their own economic prowess and control of resources. And not all of their strategy is above board – and this is where YOU come in with regards to protecting what makes your organization successful – IP.
Nation states are employing various techniques to target businesses supporting and building critical infrastructure (telecommunications, IT, robotics, AI, high-tech manufacturing, aeronautics, etc.), such as:
- Spear phishing
- Malware and ransomware
- Good ol’ fashioned hacking, vulnerability and back door exploitation
- Recruiting insiders from targeted organizations
Here are a few examples to reinforce this point:
- A businessman was convicted in Federal court for stealing an employer’s trade secrets while planning a new job with a nation-state owned rival.4
- Nine hackers associated with a nation-state government were charged by the U.S. Department of Justice for accessing and compromising IP that cost universities and businesses $3.4 billion to develop.5
- Another nation-state backed hackers infiltrated and stole $81 million from Bangladesh Bank’s systems.6
Partnering to protect IP
All of this can seem daunting and overwhelming. How do you in your role as an Active Directory administrator or Office 365 manager protect against the forces behind state-sponsored attacks? You may want to throw your hands in the air and call it a day, but there are actions you can take to protect, monitor and remediate access to your organization’s IP.
Reduce your AD attack surface.
For U.S.-based organizations, you have access to InfraGard, a partnership between the FBI and the private sector that facilitates the timely exchange of information and collaboration to protect our nation’s critical infrastructure. The benefits for engaging in this free membership include:
- Building a relationship with the FBI so you know who to turn to, or who is notifying you, in the event of a data breach
- Access to FBI and DHS threat advisories, intelligence bulletins, analytical reports and vulnerability assessments
- Opportunities to attend training events and briefings held by the FBI and its law enforcement partners
Furthermore, you can continue to strengthen your AD security with the guiding principles I’ll set forth in this blog series throughout October.
You can also learn more about InfraGard and resources freely available to you to protect your business from nation-state economic sabotage by watching the on-demand webcast “IT Security is National Security” lead by CISSP and Quest Strategic Solutions Consultant, Bryan Patton. Watch on-demand.
Sources:
- http://ipcommission.org/report/IP_Commission_Report_Update_2017.pdf
- https://www.judiciary.senate.gov/imo/media/doc/12-12-18%20Priestap%20Testimony.pdf
- Quoted in Saul K. Padover, ed., Wilson’s Ideals (Washington: American Council on Public Affairs, 1942, p. 108).
- https://www.justice.gov/usao-ndil/pr/businessman-convicted-stealing-employer-s-trade-secrets-while-planning-new-job-chinese
- https://thehill.com/policy/cybersecurity/379911-treasury-sanctions-nine-iranians-for-hacking-into-us-universities
- https://www.cnn.com/2019/03/01/politics/north-korea-cyberattacks-cash-bank-heists/index.html
