U.S. may rely on trade sanctions, fines to curb foreign cyber spy threat

Share this article:
White House unveils initiatives to combat botnets
White House unveils initiatives to combat botnets

In response to ongoing advanced attacks against U.S. corporations, the White House has introduced a plan to prevent theft of sensitive data that may hurt the country's economic competitiveness.

The Obama administration on Wednesday released a report (PDF), called “Administration Strategy on Mitigating the Theft of U.S. Trade Secrets,” which aims to improve enforcement of trade secret theft – a move that could include jailing or fining offenders, or invoking international trade restrictions.

No specifics were provided in the report, which cited a number of cases in which companies allegedly were ripped off of intellectual property by foreign adversaries, including Ford Motor Co., General Motors and Dow Chemical.

The White House also is seeking to bolster diplomatic relationships between the U.S. and foreign trade partners, and to promote private sector and public awareness about related threats. 

The news from Washington comes one day after incident response and forensic firm Mandiant released a 60-page report revealing the details of secret Chinese military unit 61398, the outfit believed to be behind a massively scaled data theft operation that stole of hundreds of terabytes of information from 141 organizations, primarily based in the United States. Mandiant named the group APT1. China denied the allegations and said many hacking groups exist within the United States, according a The New York Times story.

According to the report, Mandiant tracked IP addresses, network communication and attack characteristics to trace the unit's central hub to a 12-story facility in Shanghai. 

The White house report said that investigation and prosecution of crimes related to theft of corporate or government data critical to the U.S. economy will remain a “top priority” for the FBI and Department of Justice. In addition, federal law enforcement will channel more resources into responding to cyber attacks, which are increasingly used to glean data from companies and agencies.

“The FBI is also expanding its efforts to fight computer intrusions that involve the theft of trade secrets by individual, corporate and nation-state cyber hackers,” said the report.

U.S. Attorney General Eric Holder said during a Wednesday afternoon press conference that certain nations are “hiring hackers” to gain unfair economic advantages, and that collaboration between agencies and the private sector in the United States is necessary to meaningfully address rising risks.  

“I also recognize that the Justice Department won't be able to continue making the progress we need, or that our companies deserve, without [help],” Holder said. “We need to find ways to work together more efficiently and effectively. And we need to do it now.”

Holder added that increased use of mobile devices and cloud-based services will “create more access points and vulnerabilities that allow attackers to steal” critical information.

During the press conference, Deputy Secretary of Commerce Rebecca Blank said the costs of losing trade secrets far outweigh the costs of protecting them.

“Nearly 35 percent of our GDP [gross domestic product] comes from industries that rely very heavily on trade secrets,” Blank said. “Trade secrets are a unique form of intellectual property, in that their value comes from other companies not knowing about them.”

 

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

VBA malware on rise, templates make it easier to write code

VBA malware on rise, templates make it easier ...

Researchers at SophosLabs found an uptick in VBA samples in July.

Analysts spot 'Critolock,' ransomware claims to be CryptoLocker

Trend Micro noted several differences between Critolock and CryptoLocker, however.

Citadel used in APT attacks against petrochemical firms

Citadel used in APT attacks against petrochemical firms

In an interesting twist, financial malware Citadel was used to infect firms outside of the finance sector via APT attacks, Trusteer found.