Cyber TSCM – A Vital Part of Your Overall IT Espionage Prevention Plan
Corporate espionage is one of the most rapidly growing challenges corporations of all sizes must contend with. Corporate espionage, often referred to as industrial espionage, is espionage conducted for commercial benefit. It includes all manner of confidential information collection by illicit means including electronic eavesdropping/technical surveillance, HUMINT intelligence, cyber collection and related information collection by a person(s), entity(s) or country(s) for financial or other gain.
Trade secret theft costs businesses throughout the world billions of dollars each year. The loss figures are staggering particularly in consideration of the current economic climate in the US, and subsequently the world at large. And, when the economic climate is challenging, trends indicate corporate espionage increases as businesses scramble to remain viable. Challenging economic climates make it increasingly more difficult to set aside resources for technology development, to retain top talent, to secure new contracts and/or to retain existing clients. All of these factors considered, it becomes imperative for corporations to put a plan into place to prevent corporate espionage in an effort to protect valuable corporate information.
One method of corporate espionage is defined as technical surveillance, which involves the capture of information by electronic means. Detection of technical surveillance requires both physical inspection and electronic counter measures, which is the skill set referred to as Technical Surveillance Countermeasures (TSCM). Cyber TSCM, which utilizes a combination of Technical Surveillance Counter Measures and Cyber Security skill sets, has become a skill set that is increasingly in demand as cyber attacks grow in frequency and in the volume of personal and corporate data that can be captured in a single attack or with a single device increase.
In the cyber realm, Advanced Persistent Threats (APT), information drain and hacking are the biggest espionage risks corporations face. A Cyber TSCM Inspection detects electronic eavesdropping devices and/or technical intrusions via remote access attack, within a corporation’s IT infrastructure. A cyber attack may be conducted via the wireless cellular network or over GSM / 3G / 4G or CDMA that is purposed for remote cellular access and collection of your confidential information. These attacks enable cyber intruders to gain unauthorized access to your information from anywhere in the world via a mobile phone signal.
One important fact that corporate executives and IT security professionals need to remember is that all information exists in the physical realm, before it ever enters the cyber realm. So, in the current corporate espionage climate, it is not adequate to perform only TSCM inspections OR IT security testing. A comprehensive cyber espionage program must incorporate Cyber TSCM inspections, along with IT security so data in the physical realm is not lost via the cyber realm. Those who purport corporate espionage are constantly searching for vulnerabilities in corporate security plans that will allow intrusions. They are well aware that vulnerabilities tend to exist where existing inspection methods don’t provide complete coverage because they transcend more that detection specialty. Cyber TSCM is an area that is outside the traditional role of a TSCM specialist, as well as beyond the expertise of typical IT specialist.
Here’s an example. A normal looking “power mains strip” is commercially available with an on board high-gain 802.11b/g/n wireless, high-gain Bluetooth (up to 1000′), dual-Ethernet and GSM cellular capability that includes hacking software. A typical IT security inspection would not detect this type of, yet the device has the capability to extract massive amounts of data through the cellular network. While this device is not a typical electronic eavesdropping device, Cyber TSCM inspections would include inspections for this type of device. In this instance, a Cyber TSCM inspection could stop a massive loss of data that would not be detected via an IT security inspection.
Victims of corporate espionage can unknowingly pass huge amounts of valuable data to a competitor, foreign government or other persons/entities. This data can include business plans, product trade secrets, customer information, and other data that can compromise your corporate viability and/or damage your corporate reputation. Proper IT Risk Management doesn’t involve only “cyber” threats within the scope of IT security, but should also include physical technical surveillance threats that use the wireless cellular network to capture data.
If your organization fails to implement periodic Cyber TSCM inspections in its IT risk management program, your corporation can become one of the many US corporations whose losses total a staggering $250 billion each year. Periodic Cyber TSCM Inspections along with your IT security inspections can protect your corporation and help to ensure your Governance, Risk & Compliance (GRC) plans are effective.
J.D. LeaSure is the Director of the Espionage Research Institute International (ERII), a membership organization consisting of counterespionage / counterintelligence professionals, Technical Surveillance Countermeasures (TSCM) practitioners, business and corporate executives in the US and throughout the globe. Visit https://erii.org for more information.
* Cyber TSCM ™ is a trade mark of ComSec LLC
© 2015 ComSec LLC. All rights reserved.