Intellectual Property Breaches: A New Target for Cybercriminals

Ransomware has forced business leaders to reevaluate the data they collect and process, it has also changed the dynamics of confidential data and intellectual property breaches in general. All data has value, but some types are simply worth more than others.

This fact is clearly evident during negotiations with ransomware groups. Hackers and security teams are keenly aware of the value of the data being held to ransom.

It should come as no surprise that intellectual property data is among the most valuable, and businesses are willing to pay higher ransoms to restore their intellectual property. Higher payoffs incentivize cybercriminals to focus their efforts on stealing that kind of data. Today’s emboldened hackers know they can find buyers for almost any kind of trade secret.

Corporate and industrial espionage are not new. We can look back seven centuries ago when Marco Polo described European attempts to smuggle silkworms out of China – and the severe punishments spies faced when caught.

This is an early example of state-sponsored industrial espionage, and it’s precisely this kind of intellectual property theft that is making a comeback. The difference is that corporate spies now have access to a globally connected economy. Hackers can compromise their targets remotely and sell data to global buyers with deep pockets.

Foreign nation-states have much to gain (and little to lose) investing in IP theft campaigns from behind the safety of their own borders. This was the background behind the high-profile indictment of five Chinese nationals who were members of the APT41/Winnti group in 2020. The group has been active since 2007, and has actively targeted victims in multiple countries as recently as August 2022.

CISA warns that the Chinese government is probably encouraging and supporting groups like APT41. It’s not known whether these groups work strictly for rival nation-states or operate as loosely affiliated criminal freelancers, but it’s clear that they can count on nation-state resources to conduct their attacks.

Unlike Medieval silk making secrets, today’s industrial and scientific organizations rely almost entirely on knowledge for their edge with intangible assets making up at least half the value of most organizations. In an innovative tech environment, those assets might represent as much as 85% of the company’s value.

Since today’s most advanced technologies are inherently digital, they are easier to steal than ever before. There’s no need to obtain physical access to new systems or technologies – the secrets behind them are more than enough.

The typical ransomware or data breach scenario is a relatively isolated event. Most of the damage that results from these attacks happens in the immediate aftermath of the event itself. Long-term impacts like reputation damage and employee turnover are typically muted in comparison with the short-term outcome of a cyberattack.

Intellectual property theft reverses this relationship. It does include serious short-term impacts, like potentially losing major contracts and spending valuable time and money on damage control. But the biggest loss comes from the development of counterfeit products and services made using stolen intellectual property, which can happen for years.

In the case of nation state-supported intellectual property theft, organizations often have no option to take legal action against counterfeiters. Instead, they simply have to live with reduced market share and deal with aggressive competitors leveraging stolen ideas and technologies for profit.

To make matters worse, those competitors are almost always able to undercut the prices set by original intellectual property owners. They spent nothing on research and development, made almost no capital expenditures, and hired no experts – other than cybercriminal spies. This grants them a near-permanent advantage in the market.

At the same time, intellectual property holders and their stakeholders are left with the bill for legal fees, compliance requirements, investigations, and new security deployments. Ultimately, calculating the final value of stolen intellectual property involves more than a dozen different cumulative cost factors. Organizations cannot afford this risk.

Relatively few organizations take a comprehensive approach to managing the security and integrity of their intellectual properties. Although business and IT leaders readily admit that intangible assets are critical to their success, they often neglect to secure these assets the same way they would if they were physical objects in the company’s care.

On one hand, the security of intellectual property is not generally subjected to the kind of regulatory oversight that other kinds of data enjoy. Intellectual property data doesn’t get the same treatment as HIPAA-protected patient data in the healthcare industry. Industrial organizations don’t have to follow strict compliance programs the way financial institutions do.

Before lawmakers required healthcare and finance organizations to comply with regulations, these companies had no way of knowing the value of their patient records or transaction databases. The same thing is broadly true of today’s intellectual property data.

This fact is on full display whenever an organization faces an IP infringement lawsuit. A great deal of time and energy goes into simply calculating the value of the intellectual property in question.

According to the Commission on the Theft of American Intellectual Property, the annual value of intangible assets stolen from the US economy is between $225 and $600 billion. That’s four times the value of the entire planet’s mined gold output.

Accounting for intellectual property risks is not possible if you don’t know the value of that property in the first place. That information will play a major role helping leaders and security experts find ways to protect that data against theft.

Intellectual property breaches are becoming all too common. Protecting intangible assets from corporate and nation state-supported espionage is no easy task. Cybercriminals have access to sophisticated technologies and modern, industrialized workflows. Business leaders need to be proactive about protecting that data from exfiltration.

BlackFog’s anti data exfiltration solution enables industrial and manufacturing organizations to prevent attackers from stealing sensitive data. By keeping protected data from leaving your network, you can establish a secure network perimeter that cybercriminals are unable to effectively bypass.