New Tariffs Expected to Increase Hacks on Intellectual Property
Could a trade war create a spike in hacking attempts? That’s the concern of cybersecurity professionals, who believe that the proposed new tariffs instituted by the United States will lead to an uptick in cyberattacks from China, and this could directly affect American intellectual property (IP).
The Back Story
China has long been a cyber adversary of the United States, with intellectual property a prime target of cyberattacks. According to Axios, China was responsible for 80 percent of tech IP hacks and theft, at a cost to the U.S. economy of $300 billion per year. However, after the Obama administration threatened to indict Chinese hackers and impose sanctions in 2015, the Chinese government agreed to rein in the cyberattacks.
This pact remained in place until the Trump administration took office, when cybersecurity researchers saw Chinese hacks begin to increase. This isn’t surprising. As Dmitri Alperovitch, chief technology officer of cybersecurity firm CrowdStrike, told CyberScoop, “There tends to be a shift in activity from nation-state adversaries when major geopolitical events occur.”
The proposed tariffs were tied to Chinese espionage in the formal announcement, which makes it even more likely that hackers will engage in nation-state attacks and again go after intellectual property.
The Tariffs’ Impact on IP Theft and Security
China depends on IP theft to help build its own economy. It’s a leader in both manufacturing and copycatting. One notable theft that occurred was the intellectual property around the F35 stealth fighter, noted Alex Vaystikh, co-founder and CTO of SecBI, in an email interview. And, most of us see Chinese knock-offs of American-designed products all the time.
IP is most vulnerable right now, before the tariffs are actually imposed, Vaystikh added. “The reason why IP theft increases and we’re likely to see a blitz is because, with new tariffs, there is a possibility of stronger security walls put around this information, making it harder to access. With this concern, hackers are considering an all-out grab now of whatever they can, while it’s ‘easy.’”
No Commitment to Cybersecurity
Unfortunately, the American government may have given Chinese hackers additional incentive to ramp up attacks overall, having recently announced the elimination of its cyber advisor position. Not having a dedicated person focused on the cybersecurity strategy causes two challenges, said Rishi Bhargava, co-founder at Demisto: First, there will be no dedicated focus on public-private cybersecurity strategies, cyberlaws and other cyber interests; and second, it will send a wrong message to other nations and malicious actors.
Joseph Carson, chief security scientist at Thycotic, agreed that this is not the message we want to send to our cyberadversaries. “This is a major mistake and a poor message to send to the world. Only a few months ago during the World Economic Forum, its latest report moved cyberattacks to be the third-greatest impact to global economies just behind natural disasters and climate change,” he said in an email comment. “When a cyberattack from another nation-state tries to influence our way of life, our society or the outcome of our democracy, you want to ensure your government has someone experienced who can lead, though eliminating this cybersecurity position appears to be removing accountability and responsibility. [It’s] a step in the wrong direction.”
Protect Your IP
Cyberespionage trickles down from government agencies into the private sector. All IP, but especially tech-related intellectual property, will be at risk. Vaystikh advises organization to treat their intellectual property with more care and create visibility around how and where it’s used—and, most importantly, monitor that data.
“Obviously, isolating it is not possible; IP is by definition to be shared and leveraged by the company holding it,” he said. “But by keeping a better eye on it (e.g. with next-gen network traffic monitoring solutions), you can make it more difficult for hackers to abuse or steal it.”
