Foreign economic espionage costs the U.S. economy enormous amounts of money each year. However, because of the very nature of economic espionage, the costs can only be crudely estimated. President Obama has cited the combined costs of economic espionage and cybercrime at $1 trillion annually, while in 2014, the Center for Strategic and International Studies put the annual figure at $445 billion.
In terms of national economic espionage, the U.S. tends to focus on the efforts of one country — China. Russia is often listed as a culprit in cybercrime and identity theft hacks, but in terms of espionage for commercial purposes (stealing trade secrets), China is at the top of America's list. China has long been criticized for a lax attitude toward foreign intellectual property (IP), and the U.S. has filed multiple complaints with the World Trade Organization with varying degrees of success.
While noting espionage efforts against the U.S. from allies including France and Israel, a 2011 report from the Office of the National Counterintelligence Executive to Congress stated flatly that "Chinese actors are the world's most active and persistent perpetrators of economic espionage."
At the time of the 2011 report, the Washington Post quoted an anonymous intelligence source estimating some of the larger IP thefts over the previous six years: Dow Chemical insecticide research at $100 million; DuPont chemical compositions worth $400 million; Motorola technical information at $600 million — even $20 million in proprietary formulations from Valspar, a paint and coatings company.
Consider these more recent cases of Chinese espionage, not all involving cybercrime:
- In March 2014, a U.S.-based businessman was convicted of stealing secrets from DuPont relating to one production path for a form of titanium dioxide (TiO2). TiO2 is a common component in paints and coatings (used to hide the previous color) and is also useful in many other industries.
- In May 2014, the Justice Department indicted five people from the Chinese military for allegedly hacking into industrial computers and stealing trade secrets to be used by state industries, according to the Washington Post. Among the companies hacked were U.S. Steel, Alcoa, Westinghouse Electric, Allegheny Technologies, and SolarWorld — important players in the steel, nuclear and solar industries, and all with important infrastructure technology.
- In the most recent case, three professors at Tianjin University were indicted in U.S. courts along with three other Chinese citizens for theft of wireless technology from Avago Technologies and Skyworks Solutions. Two of the professors were former employees of those companies. The six are accused of working in conjunction with the university to develop the stolen technology and form ROFS Microsystems to commercialize it.
Bloomberg reported in 2014 that the Chinese government was setting up intellectual property courts in an attempt to improve their image. Since then, these courts have been put in place in Beijing, Shanghai, and Guangzhou. It remains to be seen whether these courts will make any difference from the perspective of foreign companies, or will adjust the Chinese attitude toward foreign IP.
These are all reminders that if you work in industry, you should not blow off your IT and security group. Yes, the security measures can seem heavy-handed and unfocused at times, but industrial espionage is real and rampant. The DuPont and Valspar cases show that seemingly mundane industries can be just as vulnerable as high-tech or defense applications. The next time you click on unsecure links with work computers or use them wirelessly in unsecured areas, picture yourself answering to your CEO (or the FBI) why the breach was traced to your computer.