1st Edition

Industrial Espionage Developing a Counterespionage Program

By Daniel J. Benny Copyright 2014
    232 Pages 33 B/W Illustrations
    by CRC Press

    The FBI estimates that billions of U.S. dollars are lost each year to foreign and domestic competitors who deliberately target industrial trade secrets. And, although today’s organizations face unprecedented threats to the security of their proprietary information and assets, most books on industrial espionage fail to supply guidelines for establishing a program to prevent and thwart such threats.

    Filling this need, Industrial Espionage: Developing a Counterespionage Program provides complete coverage of how to ensure the protection of company proprietary information and assets, including how to develop an effective corporate counterespionage program. The book presents the insights of a former veteran of the Office of Naval Intelligence.

    The book examines the motives behind industrial espionage and illustrates the variety of spy tradecraft utilized. Through the use of real-world case examples, the author provides guidelines to determine the current threat level to your organization’s proprietary assets as well as the physical security countermeasures, policy, and procedures that must be in place to establish an effective counterespionage program.

    Outlining the day-to-day aspects of protecting sensitive data and trade secrets in a corporate security setting, this book is suitable for organizations that have proprietary information and assets to protect, businesses that have operations or partner with companies overseas such as China, organizations that work with the federal government on classified projects, security and counterespionage professionals, and university degree programs in Homeland Security and intelligence.

    Industrial Espionage: Motives and Threats of Industrial Espionage Defined
    US Espionage Acts of 1917
    The US Economic Espionage Act of 1996
    Uniform Trade Secrets Act
    State Laws Related to Trade Secrets and Espionage
    US Intelligence Agencies
         Federal Bureau of Investigation (FBI) 
         Department of Homeland Security Office of Intelligence and Analysis 
         State Department Intelligence 
         Treasury Department Office of Intelligence Support 
         Defense Security Service 
    Determining the Value of Information
    Conditions for Industrial Espionage 
         Motive 
         Opportunity 
         Rationalization 
         Ability 
         Trigger
              Espionage Threat from Foreign Governments
              Espionage Threat from Competitors
              Espionage Threat from Inside
    FBI Warning Signs of Insider Espionage
    Espionage Threat from Freelance Industrial Espionage Operatives
    Bibliography

    Espionage Tradecraft
    The Intelligence Cycle 
         Planning and Direction 
         Collection 
         Processing 
         Analysis and Production 
         Dissemination
    Categories of Intelligence Collection and Tradecraft 
         Human Intelligence (HUNINT) 
              Methods of recruitment
         Imagery Intelligence (IMINT) 
         Open Source Intelligence (OSINT) 
         Signals Intelligence (SIGINT) 
         Measure and Signatures (MASINT)
    Deception and Pretext Tradecraft
    Bibliography

    Cyber Espionage
    Cyber Industrial Espionage Defined
    Cyber Espionage Indicators 
         Common Cyber Indicators 
         Phishing and Spear Phishing 
         Malicious Code 
         Weak and Default Passwords
         Unpatched or Outdated Software Vulnerabilities 
         Removable Media
    Cyber Espionage Tradecraft 
         Reconnaissance 
         Intrusion into the network 
         Obtain user credentials 
         Establish a backdoor 
         Install multiple utilities 
         Data exfiltration 
         Maintaining persistence
    Use of PowerPoint as Cyber Espionage Tradecraft 
         Insider Methods 
         Counter Methods
    Internet-Based Social Networking Espionage
    Advanced Persistent Threats
    Cyber Espionage Threats and Targets 
         Insiders
         Hackers 
         Cyber Criminals 
         Terrorists
         Organized Crime 
         Foreign Intelligence Entities (Cyber Spies)
    Cyber Espionage Targets
    Cyber Espionage Countermeasures
    Cyber Espionage Awareness Training
    Cyber Espionage Terms 
         Adware
         Anonymizing Proxies
         AutoRun Worm 
         Chain Letter or Email Malware 
         Cookies 
         Data Theft, Leakage, or Loss 
         Denial of Service 
         Domain Name System Hijacking 
         Fraudulent Antivirus Malware
         Internet Worm 
         Keylogger 
         Mobile Phone Malware 
         Phishing 
         Social Networking Threat 
         Spyware 
         Trojan
    Cyber Counterespionage Terms
         Anti-Malware 
         Anti-Spam 
         Application Control 
         Encryption 
         Firewall 
         Intrusion Prevention System
         Network Access Control 
         URL Content Filtering
    Bibliography

    Developing a Counterespionage Program
    Conducting a Counterespionage Risk Assessment
    The Counterespionage Plan
    Counterespionage Awareness Training
    Counterespionage When Traveling
    Travel Preparations 
         Travel Itinerary 
         Passport 
         Visas
         Documents 
         Luggage
    Transportation Hub Security
    Hotel Security 
         Planning
         Arriving at and Departing from Hotel 
         Check-in
    Counterespionage Security in a Foreign Country 
         Personal Conduct 
         Arrested! What Do I Do Now?
    Counterespionage Audits
    Counterespionage Investigations 
         Inductive Reasoning 
         Deductive Reasoning
    Counterespionage Technical Surveillance Counter Measures (TSCMs)
    Bibliography

    Protecting Proprietary and US Government Classified Information
    Identifying Information to be Protected
    Marking of Protected Information
    Secure Storage of Protected Information
         Class 1 
         Class 2 
         Class 3
         Security Filing Cabinets
    Secure Destruction of Protected Information
         Methods of Destruction 
              Paper Records 
              Electronic Media 
              Physical Destruction
              Removable Media 
              Nonelectronic and Nonpaper Media
    Protection of US Classified Information 
         Defense Security Service 
         Industry Programs Partnership with Industry 
         The Defense Security Service Vision and Mission 
         Classification of US Government Information 
         National Industrial Security Program Operating Manual 
         Marking Classified Information
    Overall Classification Markings
    Automated Information Processing Requirements
    Portion Marking
    Point of Contact Marking
    Release to Foreign Countries/Organizations
    Access and Need to Know
    Protection of Classified Information When in Use
    Protection of Classified Information When in Storage
    Destruction of Classified Information
    Methods of Destruction of Classified Information
    Transmitting Classified Information
    Reproducing Classified Material
    Suspicious Espionage Activity
    Cleared Employee Reporting Requirements
    Check List of What to Report
    To Whom to Report
    Departure of Cleared Employees
    Required Security Briefing
    Manual for Physical Security Standards for Sensitive Compartmented Information
    Compartmented Information Facility
    Bibliography

    Physical Security
    Intrusion Detections System 
         Electromagnetic Contacts
         Photoelectric 
         Laser 
         Glass Breakage 
         Pressure-Sensitive Sensor 
         Vibration 
         Audio
         Ultrasonic 
         Microwave 
         Passive Infrared 
         Capacitance Proximity 
         Dual Chamber Smoke Detector 
         Rate of Rise Heat Detector 
         Natural Gas or Carbon Monoxide Detectors 
         Water Flow 
         Security Cameras 
              Lens/Camera 
              Transmission of the Signal 
              Monitoring 
              Digital Recording and Monitoring 
              Motion Detection
    Determining Total System Cost 
         System Design Cost 
         System Installation Cost 
         System Operational Cost 
         IT Related Cost 
              Maintenance Cost 
              Replacement Cost 
              Cost–Benefit Analysis 
              Cost of Loss 
         The Cost of Prevention
         Return on Investment (ROI)
         Total Cost of Ownership (TCO) 
         Cost Factor 
         Locks, Key Control, and Access Control 
              Mechanical Locks 
              Wafer Tumbler Lock
              Dial Combination Lock 
              High Security Dead Bolt Lock 
              Card Access Electrified Locks
              Exit Locks 
              Master Locking System
    Control of Keys and Locking Devices 
         Master Key
         Duplication of Keys 
         Lost Keys 
         Disposition of Employee Keys upon Transfer or Termination
    Security Containers 
         Class 4 
         Class 5
         Class 6
    Security Filing Cabinets
    Security Barriers and Fencing
    Security Lighting
         Incandescent 
         New Fluorescent (To Replace Incandescent) 
         Quartz 
         Mercury Vapor 
         Sodium Vapor
    Protection of Windows and Utility Ports 
         Annealed Glass 
         Wire Reinforced Glass 
         Tempered Glass 
         Laminated Glass
         Annealed Glass with Security Film 
         Acrylic 
         Lexan
         Bullet Resistant Glass 
         Bullet Resistant Acrylic
         Lexgard
    Radio Frequency Identification, Magnetometers and X-Ray 
         Magnetometers
         X-Ray
    Bibliography

    Security Department

    Chief Security Officer
    Determining the Size of the Security Department
    Mission of the Security Department
    Legal Authorization to Protect the Facility 
         Pedestrian Stops
    Profile and Security Threat
         Size of the Facility 
         Hours of Operation 
         Number of Employees and Visitors
    Proprietary Security Force
    Contract Security Force
    Security Department Uniforms and Identification
    Staff and Visitor Identification
    Security Department Protective Equipment 
         Handcuffs 
         Oleoresin Capsicum Spray 
         Batons
         Firearms 
         Use of Force Continuum
    Security Department Vehicles 
    Lighting
    Security Department Communications
    Security Department Reports
         Incident/Complaint Report and Continuation Report 
         Daily Activity Report
    Protection of Security Department Information
    Ethics and Conduct 
         Ethics
    Security Department Training 
         Professional Security Certifications
    Security Patrols
    Apprehension and Arrest
    Bibliography

    The Human Resources Department and Counterespionage
    Position Description and Separation of Functions
    Pre-Employment Background Investigation 
         Criminal Records 
         Civil Records 
         Driving Records 
         Employment History 
         Professional Licenses and Certifications
         Education
         Memberships 
         Financial History 
         Military Service 
         Personal and Professional References
         Residence Inquiry
         Family 
         Medical 
         Internet Search 
         Polygraph
    Periodic and Promotion Update Counterespionage Investigation
    Non-Disclosure Non-Competitive Agreements
    Employee Exit Interview
    Bibliography

    Counterespionage Resources
    Private Professional Intelligence Organizations 
         Association of Former Intelligence Officers 
         Business Espionage Controls and Countermeasures Association 
         International Association for Intelligence Education 
              Purpose
         International Spy Museum 
         Naval Intelligence Professionals 
         Society of Competitive Intelligence Professionals
    Private Professional Security Organizations 
         ASIS International 
              ASIS Certifications 
         Association of British Investigators 
         Association of Certified Fraud Examiners 
         National Council of Investigation and Security Services 
         World Association of Detectives
    US Government Security and Intelligence Agencies 
         Defense Security Service
              Mission
              Vision
              Divisions 
         Federal Bureau of Investigation 
              FBI Mission 
              Priorities

    Appendices
    Index

    Biography

    Daniel J. Benny, PhD, CPP, PCI, CFE, CCO, is a licensed private investigator and security consultant. He holds a PhD in criminal justice from Capella University, a master’s degree in aeronautical science from Embry-Riddle Aeronautical University, an MA in security administration from Vermont College of Norwich University, a BA in security administration from Alvernia College, an associate’s degree in both commercial security and police administration from Harrisburg Area Community College; and a diploma in naval command and staff from the United States Naval War College.

    He is board certified by ASIS International in security management as a certified protection professional (CPP) and as a professional certified investigator (PCI), a certified fraud examiner (CFE) by the Association of Certified Fraud Examiners, and a certified confidentiality officer (CCO) by Business Espionage Controls and Countermeasures Association.

    He is the author of the books General Aviation Security: Aircraft, Hangars, Fixed Base Operators, Flight Schools and Airports, and Industrial Espionage: Developing a Counterespionage Program. He is also coauthor of the book The Complete Guide to Physical Security. He has authored more than 300 articles on security administration, intelligence, aviation security, private investigation, and cultural property security topics.

    Dr. Benny served as a U. S. Naval intelligence officer with duty at the Office of Naval Intelligence, Naval Criminal Investigative Service, Willow Grove Naval Air Station, Fleet Rapid Support Team and Central Intelligence Agency. He also served as director of protective services for the Pennsylvania Historic and Museum Commission and a U.S. Navy police chief.

    " … takes the security novice and quickly brings them up to speed on what exactly industrial espionage is and how to develop effective counterespionage programs."
    General Aviation Security

    "The overall visual presentation is professional with photographs by the author throughout. This book is recommended for general readers interested in protecting intellectual property and those with a specific interest in industrial espionage issues."
    Security Management

    "Benny has covered every angle—guarding against cyber-espionage, being wary when in hotels and travelling abroad, protecting classified information (whether paper records or in digital form) and what locks, filing cabinets, and windows you might want."
    —Professional Security