Intellectual Property Theft: Harder to Spot, More Common Than You Think
With the role that technology plays in today’s world, companies are constantly on the initiative to develop something new to stay ahead of the competition. After all, innovations are not only useful for the consumer, but the company as well, particularly when it comes to making sure that the “secrets” stay put. It therefore comes as no surprise that companies around the world focus on securing their vital data from preying eyes. But just as technology has allowed innovators to develop new and exciting products and protections, so has it developed new and exciting ways to try and steal ideas. It’s a double-edged sword, but one companies must live with and try to combat if they wish to continue aiming to stay ahead of the curve. Unfortunately, combating intellectual property theft is no easy task.
Verizon recently released an industry-by-industry breakdown of its Data Breach Investigations Report (DBIR), which was released earlier in the year. Although Verizon is known as a powerhouse entertainment provider, it also helps companies protect their data, spearheaded by its Verizon Security Services department. The report aims to showcase how different industries are affected by intellectual property theft and offers guidance and protection for companies to protect their intellectual property. There are two key findings to this report. First, unbeknownst to companies targeted in these theft schemes, oftentimes, the intruders are aided by the help of insiders. This isn’t exactly groundbreaking, as it wouldn’t be far-fetched to imagine external attackers working with inside aide. For example take music record label employees, who, as we’ve all heard for years, have been leaking artists’ albums ahead of time on the internet. Nonetheless, this eye-opening aspect of the report catches the scope of this practice; insiders are involved in almost half of the cases (46%). This creates a problem for companies because it’s one thing to work on securing intellectual property from outside intrusion, and another to be helplessly at the mercy of those who they employ to secure the intellectual property in the first place.
Another very important finding in the report involves the length of time it takes for companies to realize that they are targeted victims of intellectual property theft. While it could take the attackers only hours, maybe days, to enter the systems and compromise data, it takes companies months, even years, before they realize what is happening. This is crucial for companies going forward, especially when the report indicated that this large time gap was occurring in 48% of the cases. Partly explaining this gap in detection is the use by the attackers of stolen credentials from low to mid-level employees. When they gain access through systems log-ins of employees who are not constantly monitored, it becomes easier to operate under the radar. Many of these employees had malware and key-loggers installed on their computers, signaling the need for regular malware checks and virus protection. Of course, there is no way of knowing when these attackers enter the system and begin to monitor employee log-ins. This time gap in itself is a smaller version of the larger time gap problem companies are struggling with in today’s world of file server and database systems.
To fight these intellectual property theft threats going forward, companies will have to continue attempting to become more secure. As with many other things, the key is prevention, not cure. They must spend more time truly taking advantage of these types of reports, and find prevention techniques that may help limit the problem. There’s too much at stake for them to do otherwise, but it will continue to be a tough objective to accomplish. All they can do is try.