U.S. Ups Ante for Spying on Firms

From the Wall Street Journal:  The White House threatened China and other countries with trade and diplomatic action over corporate espionage as it cataloged more than a dozen cases of cyberattacks and commercial thefts at some of the U.S.’s biggest companies.

Top administration officials painted a pervasive portrait of the far-reaching costs of espionage—competitive disadvantages, job losses, product impacts—that American firms as well known as General Motors Co and DuPont Co have already had to confront.

“There are only two categories of companies affected by trade-secret theft: those that know they’ve been compromised and those that don’t know it yet,” Attorney General Eric Holder said at a White House conference Wednesday. “A hacker in China can acquire source code from a software company in Virginia without leaving his or her desk.”

A number of corporations backed the push to intensify pressure on foreign governments to combat the theft of trade secrets. John Powell, general counsel of American Superconductor, alleged at the conference that his firm’s intellectual property was stolen by its largest customer, a big China wind-turbine manufacturer, with the help of a former employee.

“It’s a real threat and it’s a really costly threat,” he said.

The new strategy is aimed at producing a change in Beijing, which has repeatedly denied it sponsors such incursions, including this week.

Incidents linked to China in recent years include cyberinfiltrations of Google Inc, computer security firm RSA Security Inc, Lockheed Martin Corp, and Nortel Networks Corp.

The new push comes on the heels of fresh allegations of Chinese cyberspying, including at The Wall Street Journal, New York Times and other media outlets, and represents an effort by Washington to respond to growing complaints about theft of military and corporate secrets.

The administration’s strategy, outlined in a report at the conference, will bring together officials from across the government. New measures raise the prospect of stepped-up U.S. trade restrictions on products and services derived from stolen trade secrets and diplomatic pressure to reinforce the administration’s commitment to curbing such thefts.

The White House on Wednesday didn’t specify actions it would take against China, but the strategy document is peppered with examples of Chinese theft of corporate secrets from top American firms, and officials said the administration has repeatedly raised the theft issue at senior levels of the Chinese government.

“With respect to China, protection of intellectual property and trade secrets remains a serious and highly troubling issue,” said Undersecretary of State for Economic Affairs Robert Hormats, at the White House event, which marked the beginning of the new strategy.

Of the 19 cases that had resulted in charges and convictions detailed in the strategy document, 16 involve theft aimed to benefit entities in China, such as stolen hybrid technology from GM and military secrets from defense contractor L-3 Communications Holdings Inc, among others.

The Obama administration is casting trade-secret theft as a major threat to both economic and national security. “The theft of trade secrets impacts national security, undermines our global competitiveness, diminishes U.S. export prospects and puts American jobs at risk,” said Victoria Espinel, U.S. intellectual-property enforcement coordinator.

Corporate officials at the conference welcomed the move as a start. Dean Garfield, CEO of the Information Technology Industry Council, an industry group, called the administration’s new strategy “a catalyst for action,” adding, “we can do a lot more.”

Wednesday’s move follows an executive order that President Barack Obama signed last week to create voluntary cybersecurity standards for companies running critical infrastructure like the electric grid.

Karan Bhatia, a vice president at General Electric Co voiced support for the administration’s new effort—so long as such security standards remain voluntary.

The administration had been working on both measures for several months; its announcement coincided with a spike in recent disclosures about cyberinfiltrations of the U.S. news media and critical infrastructure by cyberspies believed to be linked to the Chinese government.

“This is what you have to do to get the Chinese to behave differently,” said James Lewis, a former top State Department official who is now a cybersecurity specialist at the Center for Strategic and International Studies. “You’ve got to keep pushing on them; you’ve got to keep grinding.”

But, he cautioned, results will likely take several years.

The U.S. had some success in employing a similar strategy of diplomatic and trade pressure in the 1990s to curb Chinese proliferation of weapons of mass destruction and related military equipment.

In addition to denying it condones computer hacking, China also has said that it is itself a victim of cyberattacks and that Chinese law forbids such attacks.

Akamai Technologies, which monitors large amounts of web traffic, said in the third quarter of 2012 China was the world’s No. 1 source of observed attack traffic, with 33% of such traffic. The U.S. was second, at 13%.

U.S. intelligence agencies issued a rare public report in 2011 that fingered Chinese hackers as the “most active and persistent perpetrators of economic espionage.” Senior intelligence officials said the Chinese government and sympathetic hackers are behind the cyberspying.

A House intelligence committee report last year concluded the Chinese telecom giant Huawei Technology Co’s presence in the U.S. poses a national-security threat. Huawei called the congressional report “an exercise in China-bashing.”

As one component of the new strategy, U.S. law-enforcement and intelligence agencies will work more closely with the private sector to school them in counterspying and provide warnings about emerging corporate-espionage threats.

The spy agencies will provide reports to the private sector on key aspects of the threat, including the number and identity of foreign governments involved, the industry sectors most targeted, and how the espionage is being conducted.

The new U.S. strategy also calls for a more aggressive diplomatic response to the theft of trade secrets, much of which is now done by infiltrating computer networks of target companies. Some is also still done by recruiting human spies.

The State Department will ensure that a consistent and “appropriate” message is delivered to foreign governments to communicate the administration’s commitment to reducing the theft of intellectual property and the importance it places on more effective legal penalties and enforcement for trade-secret theft.

Wednesday’s strategy report said Washington would work with its allies to coordinate on ways to pressure countries like China that the U.S. government says are engaged in rampant theft of intellectual property. That effort will be led by the State and Commerce Departments and the U.S. Trade Representative.

The U.S. also will use trade arrangements such as the Trans-Pacific Partnership to seek new provisions on trade-secret protections that include penalties similar to those in U.S. law.

Mr. Lewis said that over time, the government will probably need to raise pressure with such actions as denying visas to Chinese researchers or denying certain Chinese companies access to U.S. banks.

The strategy also directs agencies to evaluate current laws and determine if additional legislation is needed to protect trade secrets.

Contact Matthew Nicholls (ph: +61 3 8376 7131) to discuss your requirements.