Presentation is loading. Please wait.

Presentation is loading. Please wait.

UNCLASSIFIED UNCLASSIFIED Technology and Intellectual Property Protection in a Global Economy AUVSI Symposium Gregory S. Witkop, M.D. Special Agent, FBI.

Similar presentations


Presentation on theme: "UNCLASSIFIED UNCLASSIFIED Technology and Intellectual Property Protection in a Global Economy AUVSI Symposium Gregory S. Witkop, M.D. Special Agent, FBI."— Presentation transcript:

1 UNCLASSIFIED UNCLASSIFIED Technology and Intellectual Property Protection in a Global Economy AUVSI Symposium Gregory S. Witkop, M.D. Special Agent, FBI Basic and Applied Research Consultant, Critical National Asset Unit Strategic Partnership Coordinator, Seattle Division Affiliate Scientist, UW Applied Physics Laboratory

2 UNCLASSIFIED UNCLASSIFIED The Great Game -From time to time, God causes men to be born who have a lust to go abroad at the risk of their lives and discover news – today it may be of far off things, tomorrow of some hidden mountain, and the next day of some near by men who have done a foolishness against the State. We of the Game are beyond protection. If we die, we die. Our names are blotted from the book. When everyone is dead the Great Game is finished. Not before. -Rudyard Kiplings Kim

3 UNCLASSIFIED UNCLASSIFIED Traditional Threat Many people assume the end of the Cold War made the world of cloak-and-dagger obsolete. Unfortunately, espionage is still very much with us. Nations will always try to learn one anothers secrets to gain political, military, or economic advantage. Indeed, the foreign intelligence presence operating in the United States is roughly the same as it was during the Cold War. Robert S. Mueller, III – Director, FBI 11/17/2011

4 UNCLASSIFIED UNCLASSIFIED Asymmetric Threat Apart from the more traditional types of espionage, todays spies are just as often students, researchers, businesspeople, or operators of front companies. And they seek not only state secrets, but trade secrets from corporations and universities-such as research and development, intellectual property, and insider information. Apart from the more traditional types of espionage, todays spies are just as often students, researchers, businesspeople, or operators of front companies. And they seek not only state secrets, but trade secrets from corporations and universities-such as research and development, intellectual property, and insider information. Robert S. Mueller, III – Director, FBI 11/17/2011

5 UNCLASSIFIED UNCLASSIFIED Cyber Threat I am convinced that there are only two types of companies: those that have been hacked and those that will be. And even they are converging into one category: companies that have been hacked and will be hacked again. I am convinced that there are only two types of companies: those that have been hacked and those that will be. And even they are converging into one category: companies that have been hacked and will be hacked again. Robert S. Mueller, III – Director, FBI 03/01/2012

6 UNCLASSIFIED UNCLASSIFIED Commercial / ITAR Threat At least 108 countries have full fledged procurement networks that work through front companies, joint ventures, trade delegations and other mechanisms to methodically target our government, our private industries, and our universities. Assistant Attorney General Kenneth Weinstein October 2007

7 UNCLASSIFIED UNCLASSIFIED Risks when we sell … COUNTRY 1 COUNTRY 2 COUNTRY 3 COUNTRY 4 OPERATIONAL THREAT: COUNTRY 1 CHANGES FROM A FRIENDLY COUNTRY TO A THREAT COUNTRY. COMPETITIVE THREAT: COUNTRY 2 USES TECHNOLOGY GAINED TO FURTHER ITS INDUSTRIAL BASE & GAIN MARKET SHARE. PROLIFERATION THREAT : COUNTRY 3 INTENTIONALLY OR UNINTENTIONALLY RELEASES TECHNOLOGY, PROLIFERATION RESULTS IN THREAT COUNTRIES GAINING TECHNOLOGY. PRECEDENCE THREAT : RELEASE TO COUNTRY 4 NECESSITATES RELEASE TO OTHER COUNTRIES RESULTING IN PROLIFERATION AND THREAT COUNTRIES GAINING TECHNOLOGY. TRANSFER CAPABILITY OR TECHNOLOGY OR BOTH

8 UNCLASSIFIED UNCLASSIFIED PRC J-10 F-16

9 UNCLASSIFIED UNCLASSIFIED Commercial Tactical Response Continue export vigilance- report not only unusual but rejected Domestic Sales – Every sale is an export i.e. know end users, all invoices have export controlled warning Accounting – alert to shipping destination payment origination discrepancies Active Measures – Prosecutions are nice. Disruption is Better!

10 UNCLASSIFIED UNCLASSIFIED Cyber Tactical Response Assume Breach – Kirk Bailey, CISO UW Buy In – easy things are hard i.e. update patches, change passwords, unknown = unopened Clean machines whenever travel outside of US Reverse firewalls Compartmentalize – need to know = need to access; no need to know = no access

11 UNCLASSIFIED UNCLASSIFIED Insider Threat Tactical Response Mind the Gap – emotional, social, financial changes Anonymous reporting Banners Linear relationship between responsibility / access and transparency i.e. CEO, CEO Admin, Program Directors and Systems Administrators should be most transparent not only because could do most harm but more importantly avoids adversarial culture

12 UNCLASSIFIED UNCLASSIFIED Proactive Risk Mitigation Taxonomy of Risk Reporting Security Responsibility Counterintelligence Responsibility Corporate Responsibility Individual Responsibility

13 UNCLASSIFIED UNCLASSIFIED Taxonomy of Risk Threat Vectors Human (witting) + Technical – Inside (collection technology / hardware / software) = air gaps, specificity, targeting, justified access Human (witting) + Technical – Inside (collection technology / hardware / software) = air gaps, specificity, targeting, justified access Human – Inside (unwitting) + Technical Human – Inside (unwitting) + Technical Technical - Outside Technical - Outside Human - Outside Human - Outside

14 UNCLASSIFIED UNCLASSIFIED Insider Threat – Greatest Challenge Modern era – 2 greatest traitors, Ames and Hanson, worked for the CIA and FBI. Their success proves how difficult it is to deal with this threat. Modern era – 2 greatest traitors, Ames and Hanson, worked for the CIA and FBI. Their success proves how difficult it is to deal with this threat. Myriad of psychological, ethical, and sociological reasons prevent reporting of suspicious behavior Myriad of psychological, ethical, and sociological reasons prevent reporting of suspicious behavior

15 UNCLASSIFIED UNCLASSIFIED National Industrial Security Program Operating Manual The contractor shall promptly submit a written report to the nearest field office of the FBI, regarding information coming to the contractors attention concerning actual, probable, or possible espionage, or subversive activities at any of its locations. An initial report may be made by phone, but if must be followed in writing, regardless of the disposition made of the report by the FBI. A copy of the written report shall be provided to the CSA Chapter 1, Section 3, Paragraph 301

16 UNCLASSIFIED UNCLASSIFIED Risk Mitigation = Security Keeping the Adversary Out Security is necessary but not sufficient – all the guns, gates, guards, badges, passwords, firewalls, and classification systems in the world will not defeat our adversaries

17 UNCLASSIFIED UNCLASSIFIED Risk Mitigation Counterintelligence Keeping the Adversary Close Counterintelligence is necessary but not sufficient – all the threat and vulnerability assessments, understanding of motivations, and even active measure programs are not enough to defeat our adversaries Counterintelligence is necessary but not sufficient – all the threat and vulnerability assessments, understanding of motivations, and even active measure programs are not enough to defeat our adversaries

18 UNCLASSIFIED UNCLASSIFIED Risk Mitigation = Corporate Responsibility Ownership Ownership Trust / Respect Trust / Respect Creativity Creativity Meaning Meaning

19 UNCLASSIFIED UNCLASSIFIED Risk Mitigation = Individual Responsibility Security System + Counterintelligence Strategy + Corporate Responsibility + Individual Responsibility is necessary and sufficient Security System + Counterintelligence Strategy + Corporate Responsibility + Individual Responsibility is necessary and sufficient Ultimately no one can defend your house other than you

20 UNCLASSIFIED UNCLASSIFIED Thank you Greg Witkop, M.D. Special Agent, Seattle Division (206)

21 UNCLASSIFIED UNCLASSIFIED Espionage Statutes 18 USC 794 – Espionage Statute 1 Transmittal 2 National Defense Information 3 To an Agent of a Foreign Power 4 With Intent to Injure U.S. or Aid Foreign Power 1 Transmittal 2 National Defense Information 3 To an Agent of a Foreign Power 4 With Intent to Injure U.S. or Aid Foreign Power 50 USC Unauthorized Disclosure A "Filler" Statute A "Filler" Statute 1 U.S. Government Employee 1 U.S. Government Employee 2 Who Knowingly Transmits 2 Who Knowingly Transmits 3 Classified Information 3 Classified Information 4 To a Foreign National 4 To a Foreign National

22 UNCLASSIFIED UNCLASSIFIED Economic Espionage Act of 1996 Economic Espionage – 18 USC Economic espionage is (1) whoever knowingly performs targeting or acquisition of trade secrets to (2) knowingly benefit any foreign government, foreign instrumentality or foreign agent. Theft of Trade Secrets – 18 USC Commonly called Industrial Espionage - Commonly called Industrial Espionage - Theft of trade secrets is (1) whoever knowingly performs targeting or acquisition of trade secrets or intends to convert a trade secret to (2) knowingly benefit anyone other than the owner. - Theft of trade secrets is (1) whoever knowingly performs targeting or acquisition of trade secrets or intends to convert a trade secret to (2) knowingly benefit anyone other than the owner.

23 UNCLASSIFIED UNCLASSIFIED Bayes Theorem Given some phenomenon (A) that we want to know about, and an observation (X) that is evidence relating to A, Bayes theorem tells us how much we should update our knowledge of A, given the new evidence X Given some phenomenon (A) that we want to know about, and an observation (X) that is evidence relating to A, Bayes theorem tells us how much we should update our knowledge of A, given the new evidence X Gives a mathematical basis for belief i.e. probability


Download ppt "UNCLASSIFIED UNCLASSIFIED Technology and Intellectual Property Protection in a Global Economy AUVSI Symposium Gregory S. Witkop, M.D. Special Agent, FBI."

Similar presentations


Ads by Google