The prying eyes of commercial spies may be quite familiarImage: picture alliance/ZB
June 29, 2010
Companies failing to protect themselves from external attack risk losing their competitive edge. In the information age, the threat of industrial espionage is all too real, with thousands of jobs at stake in Germany.
Some might describe the Cold War era as the good old age of espionage. Everything was clear cut: it was West versus East, capitalism versus communism, and a lone British secret service agent tearing across the silver screen to single-handedly save the world from yet another evil mastermind.
Although James Bond has had several reincarnations since then and the fine art of spying is not dead, in the real world these days it is unlikely to involve a high-speed chase in an Aston Martin.
And when it comes to economic espionage – something that is common in this day and age – the methods are generally a touch more subtle, and the prying eyes may be more familiar than you'd think.
They could easily belong to a dedicated office intern who always offers to stay late, or a friendly business partner with a hidden camera on the belt he wears for his tour of the factory. Or they could belong to a hacker monitoring a Trojan smuggled into the company's computer network on the back of an amusing email attachment.
Threat ‘very real’
There is really no fool-proof way of knowing instantly – and for internationally competitive companies, trusting in the untrustworthy is bound to lead to potentially dire consequences.
Burkhard Even, who runs the federal program for the prevention of commercial espionage, is only too aware of the seriousness of the issue. "From what we have seen, the dangers posed to the German economy through industrial espionage and competitive spying are very real," he said.
The federal program principally aims to support German companies being targeted by spies from foreign secret service agencies. And on that front, at least, the suspects are still from the other side of the Cold War era divide.
Old habits and old adversaries?
"If you're asking me to name names, the intelligence services in two countries in particular spring to mind: Russia and China. But let me make it clear that if we're talking about competitive espionage, I can assure you it happens all over the world," Even explained.
Organizations engaged in spying activities are generally after technology and knowhow, which, according to Berthold Stoppelkamp of the Working Committee on Security and Economy, are extremely valuable sources of capital for the German economy.
"The actual financial damage caused is in the region of 20 billion euros ($24.5 billion)," Stoppelkamp pointed out.
Some experts believe that is a rather conservative estimate, putting the real damage at closer to 50 billion euros. The huge discrepancy can perhaps be explained by the fact that many espionage cases never actually come to light.
Many cases not reported
"Huge numbers of cases go unreported, often because companies have not actually noticed them - that is probably most often the reason,” Even said. ”Or they're afraid that when someone from the Office for the Protection of the Constitution or from the police starts an investigation, that it could leak into the public domain, and ultimately do more harm than good."
Experts say as many as 70,000 jobs in Germany are directly threatened by industrial espionage, not to mention those that are indirectly threatened.
Small German companies often don't know that if they suspect that they are the target of industrial espionage they can call on the country’s secret service for support.
Besides, according to Michael Hange of the Federal Office for Security and Information Technology, there is also a lot of ignorance about how to protect against prying eyes, particularly on the Internet.
Risky bits and bytes
"You need IT security management - a culture of IT security," Hange explained. "You need guidelines. You need to sensitize employees and identify the information which most needs to be protected and then think about encrypting that information so it can't be accessed on the Internet."
Hange's main responsibility is to support public authorities in protecting themselves against espionage, but he also helps private businesses with issues of IT security. And although smaller companies struggle to finance complex security procedures, Hange advises them to take whatever precautions they can.
"Up-to-date virus protection, a firewall is a must, and so are up-to-date versions of standard software," Hange said. "Software weaknesses are always used as a means of attack, which is why it is crucial to use the update services offered by the manufacturers."