US Colleges and Universities are known for innovation, collaboration, and knowledge-sharing. These qualities help form the bedrock of US economic success. These same qualities also make US universities prime targets for theft of patents, trade secrets, Intellectual Property (IP), research, and sensitive information. Theft of patents, designs and proprietary information have resulted in the bankruptcy of US businesses and loss of research funding to US universities in the past. When a foreign company uses stolen data to create products, at a reduced cost, then compete against American products, this can have direct harmful consequences for US universities that might receive revenue through patents and technology transfer.
Foreign adversaries and economic competitors can take advantage of the openness and collaborative atmosphere that exists at most learning institutions in order to gain an economic and/or technical edge through espionage. Espionage tradecraft is the methodology of gathering or acquiring such information.
Most foreign students, professors, researchers, and dual-nationality citizens studying or working in the United States are in the US for legitimate reasons. Very few of them are actively working at the behest of another government or competing organization. However, some foreign governments pressure legitimate students and expatriates to report valuable information to intelligence officials, often using the promise of favors or threats to family members back home.
The goal of this SPIN is to provide an overview of the threats economic espionage poses to the academic and business communities. The Strategic Partnership Unit (CD-4F) welcomes your feedback.
Foreign governments, foreign businesses, and competitors have sought to improperly or illegally obtain information from US institutions of higher education.
Foreign companies may provide resources, information, and competitive intelligence, on behalf of their indigenous government as a way to promote the overall economic well-being of their country, and to bridge research and development knowledge gaps with stolen information.
Foreign businesses may steal trade secrets, IP, proprietary research, and sensitive information in order to gain an economic edge or dominance.
While information is shared on campuses, there is still an ethical, and sometimes legal, responsibility to protect research. With the extensive amount of primary re-search done at universities, many academics hope to gain recognition for innovative research. When IP is stolen from academic institutions, they face not only the loss of potentially valuable information and technology, but also risk rendering obsolete the years of work and research that went into the foundation of the IP. Such a loss could preclude the ability to conduct related research and development in the future. Research is often funded by private companies or the government who may need a first-to-market practical application from the research to make it worth their investment. Stealing the research could then equate to stealing money from the funding organization/agency.
ACADEMIC ESPIONAGE TRADECRAFT
The following have been proven as successful platforms for academic espionage in the past and flourish in collaborative, open environments:
- Social media manipulation; using false identities to solicit sensitive information via the Internet.
- Academic event solicitation; using a conference as an opportunity to solicit sensitive information in person.
- Tour groups/delegation visits; pretending to be lost and wandering into sensitive areas, or to gain physical access to automated systems.
- Studying abroad; coercion and recruitment by foreign government agents masquerading as friends or patrons.
The following behavioral indicators warrant further inquiry to determine whether an individual is stealing research:
- Without need or authorization, removes proprietary or physical material out of the facility.
- Seeks or obtains proprietary or sensitive information on subjects not related to their research/studies.
- Unnecessarily copies material, especially if it is proprietary or classified.
- Remotely accesses the computer network while on vacation, sick leave, or at other odd times.
- Conducts research/studies at odd hours without a need or authorization (i.e. weekends, holidays, or relatively un-usual schedules).
- Disregards organizational computer policies on installing personal software or hardware, accessing restricted web-sites, conducting unauthorized searches, or downloading confidential information.
- Short trips to foreign countries for unexplained or strange reasons.
- Unexplained affluence; buys things that he/she cannot afford on his/her household income.
- Engages in suspicious personal contacts, such as with competitors, personal business partners, or other unauthor-ized individuals.
- Overwhelmed by life crises or career disappointments.
- Shows unusual interest in the personal lives of co-workers; asks inappropriate questions regarding finances or rela-tionships.
- Concern that he/she is being investigated; leaves traps to detect searches of his/her work area or home; searches for listening devices or cameras.
Many people exhibit some or all of the above to varying degrees; each suspected threat should be evaluated if some or all indicators are apparent.
Individuals and organizations that want to obtain valuable and restricted information may misrepresent themselves and their intentions in order to gain access to restricted information. Colleges and universities should identify their intellectual property, be cognizant of individuals and organizations looking to steal such information, and enact controls to mitigate such threats.
FBI Counterintelligence Strategic Partnership Note: Preventing Loss of Academic Research
The following intelligence note was obtained from the website of the University of Maryland, Baltimore County.
Counterintelligence Strategic Partnership Intelligence Note (SPIN): Preventing Loss of Academic ResearchPage Count: 6 pages
Date: June 2015
Originating Organization: Federal Bureau of Investigation Strategic Partnership Unit
File Type: pdf
File Size: 759,369 bytes
File Hash (SHA-256): 049B0B128AFB7ADD2C35FDA1593759F0942EF90BDDD3823C185D7B5B9F0D1825