The Rise of the Company Spy
With easier access to `spy-tech' electronics and slack ethical codes, United States companies are graggling with a growing industrial espionage problem
AS more and more United States companies have had to lay off employees as a result of the poor economy, they have also been faced with an increasing number of incidents of industrial espionage.
"An unhappy or disgruntled or greedy employee ... plays an important role in getting information out of a company," says Richard Heffernan, a Connecticut-based security consultant. "You cannot get that much information out of a company without having some inside help.
"Employees may attempt to hurt their employers before being laid off or to enhance their future employment prospects by misappropriating proprietary information," he says.
About 58 percent of all incidents of industrial espionage were undertaken by current or former employees, Mr. Heffernan discovered in a survey he conducted last year with Dan Swartwood, a Washington-based security consultant. The survey, sponsored by the American Society for Industrial Security, was based on the responses of 246 US companies.
Since 1985, the number of incidents of industrial espionage reported on a monthly basis has increased 260 percent, or a combined average of 10 incidents per month, the study showed.
William Johnson, executive director of Business Espionage Controls and Countermeasures (BECCA), a nonprofit organization in Seattle, adds three reasons for the rise in the number of espionage incidents:
* With much more rapid product development and tougher international business competition, information is more important than it used to be.
* More people have easy access to "spy-tech electronics" - high-tech catalogs and retail stores that sell pocket copy machines, bugs, tiny TV cameras, phone taps, and microphones.
* Lower ethical expectations. In many companies, technical innovation is moving faster than ethical guidelines.
Peter Schweizer, author of "Friendly Spies: How America's Allies Are Using Economic Espionage to Steal Our Secrets," estimates that intellectual property theft costs US companies $100 billion annually. The Federal Bureau of Investigation cites an estimate of $24 billion.
"Attempts to misappropriate information are really quite large," Heffernan says. "It's an underestimated problem."
In his study, Heffernan found that 49 percent of the companies surveyed reported incidents of industrial espionage. Overall, companies reported 589 attempts of targeting US technology, trade secrets, and business plans.
But New Jersey consultant Kevin Murray cautions that due to the covert nature of spying, the actual total number of incidents cannot be determined.
Still, he says, the problem is a very real one. "We can use the failed espionage attempts as a gauge. They reveal over and over again that the problem does exist," Mr. Murray says.
"The plethora of electronic surveillance equipment being openly sold in `spy shop' stores ... gives us a good indication of the magnitude of electronic eavesdropping," he adds. There are about 100 spy shops in the country, Mr. Johnson says.
Another problem in assessing the actual number of incidents of espionage is companies' reluctance to report them, Heffernan says.
"[Companies] don't want to lose consumer support [and] trust," he says. As more information on the problem of industrial espionage gets out, he says that companies will discover that there will not be a backlash. They will begin to discuss and litigate the problem more freely without the fear of losing the confidence of their stockholders, he says.
As the number of industrial espionage incidents increases, so does the demand for countermeasures, Murray says. In 1978, when he started Murray Associates, a counterespionage consulting firm, Murray conducted about 30 investigations a year. Over the last five years, he has been handling 125 to 150 investigations yearly, he says.
"In business, good security practices - along the lines practiced in industries that serve the US defense establishment - might well be adopted by any firm that wants to protect proprietary information, guard its plans and intentions, or fend off competition," says Arthur Hulnick, a retired Central Intelligence Agency official and former Boston University professor.
In 1990, Hughes Aircraft of Los Angeles was one of 49 American high-tech firms targeted by the French intelligence service. Now the company is looking at the "whole arena of communications security, especially for their overseas operations," says Clint Howard, director of corporate security for Hughes.
The company has always been aware of the possibility of industrial espionage. But the French incident "reminded everyone at Hughes that economic industrial espionage continues to be an issue," Mr. Howard says.