China continues to use the five-fingered discount of corporate espionage Credit: Thinkstock China’s hand in the cookie jar? Nation state or corporate espionage? Some themes change and others stay the same, this theme continues to morph as the China, its state-owned enterprises and conglomerates with ties to the government continue to vacuum up global technologies.Why? Obtaining the fruits of the labors of other’s research and development via subterfuge and skulduggery is much more cost efficient than conducting principal research directly. China’s efforts over the past 30 years have been extraordinarily effective, some might opine, textbook perfect.So, how’s China doing? The most recent incident involves Siemens Netherlands. Siemens is the latest Chinese victim. In early April 2017, Dutch police arrested a 65-year old Siemens Netherlands employee as he was heading to China. The gent’s luggage, workplace and home were searched and physical files and digital storage devices were seized. Siemens Netherlands confirmed one of its employees was arrested, but declined to identify the employee by name or area of specialization.The Dutch Public Prosecutor shared, “He is suspected of leaking corporate secrets, including patent rights, to a competitor in China in exchange for money.” The engineer was an employee within the engineering division, working at the Siemens Netherlands office near Hengelo, within Twente (near the German border). According to the Siemen’s website, the division’s multiple product groups, including smart grid, renewable energy and fossil power generation.How did Siemen’s discover the insider who had broken trust? Siemens compliance office received a tip via their company-wide whistleblower system. The system allows any Siemen’s employee to provide information on illegal or corrupt activities anonymously.The Dutch authorities were subsequently alerted by Siemens directly that their intellectual property was being purloined. The back story on China’s nation state and corporate espionage effortsIn March 2017, Chinese President Xi gave the People’s Liberation Army (PLA) a kick in the pants. According to the official web portal of the PLA, Xi told the PLA, “We must have a greater sense of urgency to push for sci-tech innovation and advancement with greater determination and efforts.” He went on to admonish the PLA to promote military-civilian cooperation and technology adoption and adaption. The Communist Party of China (CPC) Central Committee established a central commission to “integrate military and civilian development.”As Yogi Berra famously noted, “It’s déjà vu all over again.”In 1986, China hit the gas on their technology acquisition efforts with their infamous Project-863. The purpose of Project 863, according to the Chinese Ministry of Science and Technology (MOST), was to “meet the global challenges of new technology revolution and competition.” MOST continues, “in order to gain a foothold in the world arena; to strive to achieve breakthroughs in key technical fields that concern the national economic lifeline and national security; and to achieve ‘leap-frog’ development in key high-tech fields” China’s foot continues to be on the accelerator. Security awareness works Those who have poo-pooed the efficacy of security awareness programs, should take heed.Siemens did not detect the theft of the intellectual property via sophisticated data loss prevention technologies. They may have used those technologies to verify the employee’s activities, but it was one employee noting something was not quite right and reporting it in an appropriate and actionable manner. Self-policing at its best. If an employee does not exceed their professional brief, that is their normal and natural access necessary to conduct their duties, it is near impossible to detect their having broken trust with their employer, except through their non-technical behavior, which is observable by colleagues. (Also read: ” 9 tips, tricks and must-haves for security awareness programs.”)Does one need more evidence of the importance of educating one’s workforce and empowering them to say something when they see something. Make sure your security awareness program includes a clear pathway for your employees/colleagues to report suspicious activity. This may be the most important part of every insider threat program. Related content news analysis China’s MSS using LinkedIn against the U.S. The head of the U.S. National Counterintelligence and Security Center says China's MSS is using social networks, specifically LinkedIn, to target, access, and recruit U.S. sources. By Christopher Burgess Aug 31, 2018 4 mins Social Engineering Cybercrime Security news analysis Tesla insider with expired NDA spills the tech beans A former Tesla engineer with an expired non-disclosure agreement (NDA) shared inside technical information on an obscure forum, which was quickly shared across multiple social media platforms. By Christopher Burgess Aug 30, 2018 3 mins Risk Management Security news analysis Horizon Air tragedy highlights airline insider threat vulnerability The ease at which a Horizon Air employee was able to steal and crash a Bombardier Q400 turboprop will likely prompt airlines to develop an insider threat mitigation strategy to close this vulnerability. By Christopher Burgess Aug 13, 2018 4 mins Security news analysis How did the TimeHop data breach happen? Compromise of an employee's credentials, lack of multi-factor authentication, and weak insider threat analysis all played a factor in the recent TimeHop data breach in which 21 million user accounts were compromised. By Christopher Burgess Aug 10, 2018 4 mins DLP Software Analytics Security PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe