As global businesses morph into the equivalent of autonomous states and as technology based businesses take over our skies, roads, offices and homes, does “industrial” espionage continue other than in digital form? You can safely bet it does and it is increasing exponentially. It corrupts every industry on the planet so you can’t even gamble in safety! What’s more it is becoming indistinguishable from normal espionage as traditionally carried out by your classic military attachés at embassies all over the world.
How many and what type of “industrial” spies or similar have you got working in your organisation? Any responsible captain of industry who says none should be made to walk the plank! Some might say, surely no one would bother in this digital age? How wrong could they be?
We all know that hackers can attack IT and communication systems from outside purportedly impenetrable firewalls but there may be more sinister dangers lurking from within.
Using an amalgam of data and some extrapolation Faire Sans Dire conservatively estimates that about 0.5% of the staff or contractors of organisations employing more than 500 people in G20 countries are involved in “industrial” espionage. Put another way, roughly five in every thousand workers have passed on organisations’ secrets which could have damaged the organisations concerned.
They may have done so for personal financial reward (eg bribery or by being on the payroll of other organisations including organised crime gangs). They may simply have acted out of principle as silent whistleblowers. They may even have been blackmailed into doing so or just been exploited because they were known to be too talkative.
There is one other class of “industrial” spy that is oft forgotten but harmless to those on the right side of the law. That is the category that your government has covertly placed inside your organisation to protect it from threats including “industrial” espionage. You could add to this class. For example, dummy employees placed by the organisations themselves and one or two other types of not dissimilar internal spies.
As for smaller organisations the statistics are murkier. Nevertheless small organisations are not immune to infiltration especially if they are: influential (eg a small regulatory body); involved in cutting edge research (eg in technology or pharmaceuticals); a niche or leading player in their own industry and hold lots of attractive data.
Almost every organisation irrespective of size is at risk. At Faire Sans Dire Limited, over the years we have seen quite sophisticated “industrial” espionage applied to SMEs with turnover of less than £5,000,000 and staff of under twenty just to get to customer databases.
The extent of the infiltration depends on what type of organisation you work for. If you work for a supplier to a country’s armed forces your business has probably attracted many spies in one form or another. If you work in other industries, notably the pharmaceutical industry, your organisation will attract different sorts of “industrial” spies. Even straightforward health services like the NHS in the UK attract dummy patients (eg journalists) to see if much maligned doctors are sticking to their ethics or if that incredible hospital sister with the best ward recovery times in the country is not fiddling her statistics.
Where are the spies most prevalent? The answer is reasonably straightforward. If you are representing a country’s intelligence agency you would recruit your spies from regulatory bodies, large accountancy firms and to a lesser degree banks and law firms. If an “industrial” spy works at a regulatory body then in theory with a bit of huff and bluff he or she should be able to access whatever information is needed from any regulated entity. Auditors in large firms of accountants are similarly useful “assets” too. If you don’t believe that just read Beyond Enkription in The Burlington Files series.
If the infiltrators come in any form, at worst they may be like Edward Snowden was, a systems administrator with virtually unfettered access to IT and communication networks. How a sub-contractor like Snowden had such seemingly unlimited access to so much sensitive data is so mind boggling that it makes you wonder who he really worked for but that is tangential to these issues and commented on elsewhere.
However, these “industrial” spies don’t even need to be in place as long as Snowden was. Part time employees of sub-contracted cleaners and electricians are ideal for gathering secrets others are trying to protect. All they have to do is change a plug or two and your entire IT and communications networks may be compromised.
So, if you don’t know who to trust who can you discuss this issue with? Your lawyer perhaps but then you’ll doubtless be reported to your boss or, if you are the boss, a non-executive director as having lost your marbles! We can think of two credible answers. Either go and see your doctor and say you are suffering from paranoia or have a day off and read Beyond Enkription! Alternatively you can contact Faire Sans Dire.
This article was first published on 26th September 2014.