The Very Hungry Dragon:
Protecting Intellectual Property From
Industrial Espionage
EXECUTIVE SUMMARY
“THE CONVERSATION” COMES TO LIFE
There seems to be no end to the kinds of trade secrets
competitors want. From seed corn to original masters
to how to make a whiter white, those who don’t have
the secret want to have it. Rather than enter into a legal
agreement with the company that owns the secret, many
foreign companies choose to infiltrate and steal it instead.
This trend is on the rise with a reported 53% increase in
incidents from the prior year. The Justice Department describes the vast scale of Chinese espionage as a national
security emergency that costs American companies
hundreds of millions of dollars and millions of jobs.
The FBI reports that industrial espionage costs U.S.
companies more than $300 billion every year and that
number grows as nations seek to quickly advance their
national technological capabilities. Foreign competitors
are bolstered by their governments and their attacks on
industry are becoming more varied and more brazen.
In fact, reported cases are up 53% year over year. In days
past, industrial spies were likely to infiltrate a competitor’s
installations and covertly remove blueprints. Today they
are much more likely to be thousands of miles away,
even more effectively searching for and removing intellectual property electronically, while never setting foot
in a target facility. Recently, the US Justice Department
charged six Chinese scientists for stealing trade secrets
and engaging in industrial espionage on behalf of China.
“Delving into China’s ‘elaborate, comprehensive
system for spotting foreign technologies, acquiring
them by every means imaginable and converting
them into weapons and competitive goods,’ the
book concludes that ‘there is nothing like it in the
world.’ The People’s Republic of China (PRC) is implementing ‘a deliberate, state-sponsored project to
circumvent the costs of research, overcome cultural
disadvantages and ‘leapfrog’ to the forefront by
leveraging the creativity of other nations,’ thereby
achieving ‘the greatest transfer of wealth in history.’”
With very little to lose and huge economic gains to be
made, what are US companies doing to prevent losing
their advantages? Until now, they have used the same
strategies used to protect any of their assets: physical
security, encryption, and employee education. But US companies now
have an edge that confounds even the most
persistent spy.
Chinese Industrial Espionage: Technology Acquisition and Military Modernization, by Hannas, Mulvenon, and Puglisi. Reviewed by Arturo Munoz.
Fans of Gene Hackman movies would recognize many
of the Cold War era spycraft tactics operatives use to
gain access to industrial intellectual property. Espionage
operatives use covert and overt methods to get close
to the information they want. Visiting businessmen may
ask for the restroom and end up looking for an unlocked
computer to pop in a jump drive. Operatives may “get
lost” in restricted areas of a facility. They look for legitimate employees with restricted access and attempt to
turn them. Promises of money, real estate, women, and a
new life are typical offers.
Once the operatives have a way in, the transfer of information begins. From network drives, from stand-alone
servers, from laptops - all types of files are transmitted
via electronic and physical means. Whether an operative
successfully turns an insider, gets lucky downloading
onto an external drive, or breaks through network security protocols inside the firewall, information is what they
are after.
www.SertintyONE.com
The mechanisms companies have to combat the exfiltration of their intellectual property are limited and overlap
with the same tactics used in sound hiring and physical security. They include:
•  Thorough background checks on employees and, especially, contractors. Background checks should include multiple references and identify possible factors that may indicate a worker may be more prone to
disclosing information.
•  Segregate proprietary sensitive data onto servers separated from the network or internet. Trade secrets
like formulas, plans, or codes should be stored on a server segregated from all other data and that server
should not have access to the Internet. An extreme example of this is the way KFC stores Colonel Sanders’
original chicken recipe with 11 herbs and spices. That handwritten recipe is stored in a 770-pound Fire King
safe inside a room built of two-foot-thick concrete with 24-hour video and motion detection surveillance.
•  Follow a least privilege model for authorization to data. A least privilege model allows access to the minimum amount of information that allows normal business operation. For example, a group of application
developers may only have access to specific functions they work on with only a very few, highly trusted,
people having access to the entire code base.
•  Review physical security protocols and sweep for devices (audio or video bugs). It’s good practice to regularly exercise technical surveillance countermeasures like reviewing facilities for eavesdropping equipment and video bugging devices. Whenever a visitor comes to your facility or when an employee has been
turned, your facility is at risk.
•  Sweep for malware. Malware detection and removal are likely part of your IT security processes. The most
common types of malware in industrial espionage are key-logging software, back door access, and information-stealing trojans. Each of these gives a special kind of access to private data. Unfortunately, there
are limitless varieties of malware and it’s often difficult to detect.
•  Train for employee behavior. Employees should be trained to recognize visitors acting without supervision, to lock their workstations, to create strong passwords, and to recognize and report social engineering
attempts.
•  Deep packet inspection optimizes network performance by looking for traffic that consumes more bandwidth and in some cases can stop the traffic. Heavy traffic can be caused by a single process hogging the
network (like streaming services) or by an outside attack. Deep packet capture is used to capture traffic for
review and analysis. While these technologies can identify anomalies faster than a human analyst, they still
cannot prevent a network breach and the subsequent theft of data.
Even when US companies follow these protocols closely,
they are subject to espionage. In May 2014, the US government charged five Chinese government officials with
cyber-attacks against some of the US’s largest companies: US Steel, Westinghouse, Alcoa, SolarWorld AG, and
the United Steelworkers. Their goal: to steal trade secrets and strategic information that would allow Chinese
companies to unfairly compete with US companies or
to leapfrog their own technological limitations and save
hundreds of millions of dollars and years of research. The
allegations against the Chinese are wide-ranging and
include theft of proprietary and technical plans, confidential emails from executives, financial data, production line
specifications and costs, and employee network credentials.
So if corporate spies can steal IP even when your information security is otherwise state-of-the-art, is the battle
lost? No. It’s likely that your company is overlooking a
wide open flank that, until now, has been considered
incapable of participating in the security fabric. That
element is the data itself. SertintyONE can make your IP,
digital masters, or licensed work an active defendant in
its own protection.
A BETTER WAY
SertintyONE SmartData Ensures:
Legitimate users access the right segment of intellectual property data
•  Data owners determine who can access IP,
digital masters, or licensed files (and how
much of it), providing granular access down
to the byte level
•  Creates effective electronic redaction
•  Owners can add, change, or remove access
at any time
Indelible audit and event logs
•  Any action can trigger an event entry – access attempts and their associated conditions, changes to the SmartData, file signatures and more.
•  Entries can be recorded inside SmartData
or an external repository and data owners
can be notified when there is an entry
Enforced compliance at the data layer
•  Retention policies can be implemented
globally
•  Owners can specify when and where IP can
be accessed
Anomaly mitigation
•  Data owners can be alerted on an attempt
to access SmartData
•  SmartData can request multi-vector
third-party authorization
•  SmartData can deny access to its contents
if any factor is unrecognized
•  Under conditions set by the owner, SmartData can destroy itself
The concept of self-protecting data is about as old as the
concept of data encryption. Typical encryption uses public and private keys that are exchanged between senders and receivers. Anyone in possession of the key can
access the entire contents of the encrypted file, making
encryption an effective method of data protection if the
data needs to be shrouded from casually curious eyes.
For anyone with more than a passing interest, encryption is more of a speed bump than a true deterrent.
To enhance data protection, companies layer security
methods. Firewalls, anti-virus, encryption and employee
behavior all work in concert to deny network breaches
“Ultimately, the security perimeter and access
controls need to be embedded into the data itself. As data increasingly becomes the lifeblood of
business, it must be self-aware and self-protecting to securely flow to the right people—and only
the right people—at the right time and in the right
location. Starting at the time of its creation, enterprise data should be protected and enhanced with
context and policy—who, what, where, when and
how it can be accessed—or know where to go to
determine the access policy.”
- David Konetski, Dell Fellow and Executive Director of End User Computing Security & Systems
Management Solutions, Dell
SUMMARY
China has maintained a relentless pace in its effort to
poach intellectual property from US companies with no
indication that it will slow down. In fact, since its
latest five-year plan was rubber stamped in early 2016,
any technology company in the spaces it intends to
pursue needs to seriously review the sensitivity of its IP.
Even so, China is likely to target and attack an increasing
number of companies.
There are physical, technical, and human barriers to prevent the theft of intellectual property that, even working
together, are not enough to prevent trade secrets from
walking out the door. But when SmartData is added to
the equation, the odds change in your favor.
China may be relentless in its initiative to gain trade secrets, but you can add a new weapon to your arsenal that
allows prescribed access only to legitimate individuals
and only under specific conditions.
NEXT STEPS
SmartData, with advanced authentication, enforced policy and auditing built in, becomes inextricably combined
with any type of data file (Intellectual, Copyrighted and
Licensed Properties). You can be assured SmartData will
enable access by only legitimate users under conditions
authorized by the data owner. That means that even if
protected data leaves your facility on any type of media,
even if a company insider takes it, it will remain inaccessible and unusable based on the rules defined by the data
owner. Moreover, any attempt to access the data will be
logged and can be transmitted to the data owner.
Protect your IP at the data layer. Contact our Sales Team
for an evaluation of your existing protocols and to see
how SertintyONE SmartData complements your existing
solution.
WHO WE ARE
SertintyONE is a software development company
focused on protecting confidential, proprietary and
personal data. Our development initiatives are aimed at
ensuring the right person has the right information at the
right time, irrespective of the user, device, network or
operating system. We are headquartered in Nashville,
Tennessee.
SertintyONE SmartData technology allows:
✔ Valid, authenticated (legitimate) users only
✔ Complete control that lasts the lifetime of the data
✔ Compliance to be implemented globally and
by data object
✔ Complete privacy and trust
✔ A complete audit history
SertintyONE Corporation
Nashville, TN
(855) 313-6032
SmartData combines with any kind of IP file and cannot
be extracted from it, but it remains invisible to legitimate
users of the data, whether they are people or machines.
When the user has finished accessing the file, it is protected again in a unique way. The self-protection algorithms cannot be reverse engineered.