The White House is taking aggressive action against China for illegal trade practices as well as intellectual property theft. It’s important to understand why and implement countermeasures to ensure your data is safe.
Drive through middle America and you’ll see closed factories whose products are now manufactured in China. For the past few decades, China has implemented an aggressive policy of stealing manufacturing technology and then providing zero-interest loans to Chinese companies to re-create American products. The transfer of wealth from the United States to China directly due to stolen products is on the order of trillions of dollars. More recently, Chinese companies have moved into Silicon Valley to steal technology from leading-edge start-ups before they even go to market.
Chinese government operatives use a number of techniques to identify and then steal intellectual property. First, Chinese operatives attend trade shows and industry events to learn about new ideas and the identities of the people behind them. Second, once smart individuals have been identified, Chinese operatives use email password phishing attacks to access their correspondence. Third, if the email discloses valuable IP, Chinese operatives will launch a direct attack on server infrastructure to steal source code, product designs and marketing information, using a combination of stolen identities and lateral attacks within the data center.
Irrespective of how the next few months play out with China, here are some countermeasures you should implement to protect your intellectual property:
Multi-factor Authentication: Email phishing attacks are the most common technique used to steal intellectual property. Thus, you should implement some form of multi-factor authentication.
Server Isolation: After email, direct attacks on server infrastructure are a popular technique. Consequently, all internet-facing servers should be locked down and lateral movement should be blocked.
Application Layer Access: Only allow application layer access to authorized personnel and their devices. This way, even if attackers steal an employee’s credentials or install malware on their devices, their ability to install code on servers is limited.
Certificate-based Mutual TLS VPN: Hacking Wi-Fi hot spots is very common outside the USA, so it’s only a matter of time before it becomes prevalent here. Given that travelling executives use free Wi-Fi, you should implement a certificate-based mutual TLS VPN to ensure that connections cannot be intercepted.
Do not let your company’s intellectual property be used against America.