While North Korea is in the news now for its ‘cybervandalism,’ the U.S. Government is acutely aware of the extensive threat of cyber attacks. An annual report offers an analysis of foreign intelligence efforts. Its long been required reading for the FSO-set, but as cyber threats affecting the private sector increase it’s a good idea for everyone in the security community to know what form today’s computer-based attacks are taking.
The Defense Security Service (DSS) released its annual unclassified report titled Targeting U.S. Technologies: A Trend Analysis of Reporting from Defense Industry, covering Fiscal Year 2013 (FY13). The 80-page document is an analysis of foreign collection efforts and espionage that targets U.S. technology, intellectual property, trade secrets and proprietary information. It is an important report that should be reviewed by all members of industry to understand the importance of counter-espionage and cyber security in your security efforts and for reporting suspicious contact efforts to appropriate agencies.
The Executive Summary of the report discusses Regional Trends and FY13 Collection Trends. DSS has established regions of the world to group data – East Asia and The Pacific, Near East, South and Central Asia, Europe and Eurasia, and Other Regions (Western Hemisphere and Africa). DSS also identifies 5 collector affiliations (commercial, individual, government, etc), 11 methods of operation (attempted acquisition of technology, academic solicitation, seeking employment, etc), and the top targeted technologies (information systems, aeronautics systems, electronics, etc).
Special Focus Area.
The special focus area for FY13 was Inertial Navigation Systems (INS). An INS is comprised of an inertial measurement unit (IMU) and a computer. The typical IMU consists of gyroscopes and accelerometers which measure the angular rate of change and accelerators which measure linear acceleration. The computer takes inputs from the IMU and calculates the vehicle’s position, orientation, and velocity in reference to its starting point. Many types of vehicles incorporate INS, including aircraft, submarines, spacecraft, and guided missiles. Attempts to obtain INS from industry rose nearly 60% from FY12 to FY13. The primary region of origin for the collection efforts was East Asia and the Pacific; collector affiliation most often identified was commercial entities; and the method of operation most often used was attempted acquisition of technology.
The bulk of the report analyzes each of the regions and identifies which collection affiliations are most active, which methods of operation are most used and which technologies are targeted most often. The report also provides a comparative analysis of FY12 and FY13 data, and an outlook on future efforts. A summary of regions reveals the following:
East Asia and the Pacific.
The collector affiliations most often identified were government, commercial and government affiliated; the methods of operation most often used were suspicious network activity and academic solicitation; and the most often targeted technology were electronics and command, control, communication and computers (C4).
The collector affiliation most often identified was government affiliated; the methods of operation most often used were academic solicitation and attempted acquisition of technology; and the most often targeted technologies were marine systems, electronics and aeronautic systems.
Europe and Eurasia.
The collector affiliations most often identified were commercial and individual; the methods of operation most often used were attempted acquisition of technology and seeking employment; and the most often targeted technologies were electronics and C4.
South and Central Asia.
The collector affiliations most often identified were government affiliated and individual; the methods of operation most often used were seeking employment and academic solicitation; and the most often targeted technology was electronics.
In FY13, DSS received and reviewed over 30,000 reports from cleared industry and referred 5,448 of these reports to other government agencies which initiated 717 investigations or operations based on DSS referrals.
In summary, no country or area of the world is above collecting or attempting to collect important information from U.S. companies. I must note, along with DSS, that this report is only as good as the input, namely reports from industry of suspicious or direct attempts by unknown or unauthorized sources to obtain information. It takes active efforts from all involved parties, Government and industry, to thwart these efforts and report such efforts to appropriate agencies. The report is available online at http://www.dss.mil/ci/index.html.