According to statistics published by the FBI, at least twenty-three foreign governments actively target U.S. corporations for their proprietary trade information.
And the threat is not just from state intelligence units. Increasingly, private companies conduct the greatest percentage of corporate espionage. Such firms would sooner skip the lengthy and expensive R&D investment period and jump directly to a highly polished final product. Theft of intellectual property (IP) from both sources costs American businesses over $300 billion annually. An overwhelming amount of this intelligence is stolen from executives when they travel abroad for business, most often without travelers ever knowing they’ve been targeted and victimized. Executives return home from business trips with vague memories of chatty taxi drivers, curious bartenders, misplaced cellphones, maybe even a brief hotel tryst, without ever knowing that they have inadvertently jeopardized millions of dollars worth of IP. Government intelligence services, business competitors, and private collectors are now competing and conspiring in this underground world of theft at levels the business world has never known. It is imperative that any company and executive understand the risks implicit in business travel today. Only then can you begin to ensure the proprietary information upon which businesses are built.
Here are the five most common ways business travelers are spied upon when traveling:
1. Email Hacking
If you knew how vulnerable your E-mail was you might never open your computer in public again. Travelers are particularly at risk because they frequently log-in to public Wi-Fi, such as airport business lounges or Internet cafes. If you can access the web in a public forum, someone else can access your computer. Uploading keylogging software or hacking into your emails is simply a matter of interest after that. If you think you’d know about malware on your computer, just Google the scandal at the FDA in 2013. Whistleblowing employees at that agency had screenshot and keylogging spyware uploaded on their computers without their knowledge. Every email they sent, and every website they visited, was monitored by investigators. In Russia, in 2011 alone, over half a million phones and emails were officially tapped by the government. The technology is there. The only question is, do your competitors have the will to use it?
2. Cell phone interceptions
A common practice in some countries is to require registration of a SIM card with your passport. Yet even in countries where you have given no such information, monitoring your location, listening to your calls, reading your texts, and browsing your emails is not science fiction anymore. For as little as $300 your competition could purchase cellphone malware which, among other things, could be used to turn on your microphone and listen in to any conversation you may be having on or off the phone. Say, the boardroom?
3. Hotel intrusions
This includes breaking into a traveler’s hotel room, for any number of reasons. How much do we really pay attention to who comes in and out? Once in a room, collectors can download anything from the unencrypted electronic devices we leave lying around the room (think of how often you simply stick your laptop in your suitcase), or even place video or audio monitoring devices. A hotel room, hotel safe, and hotel lock do not belong to us. The case of ESPN sportscaster Erin Andrews being spied upon and taped using a reverse peephole lens, or the more dramatic instance of the alleged Mossad attack on a Hamas leader in a ritzy Dubai hotel, show just how wrong our perceptions of hotel privacy and safety can be.
Related: PreparedEx Podcast Episode 7: Corporate Security – An Interview with Mike Howard
When a trained intelligence officer coaxes valuable information out of a traveler during casual conversation, it may seem as if you only had an innocuous conversation with a passing stranger. Elicitation may not include the James Bond-style gadgets we have come to expect of spies, but the threat is no less dangerous. Individuals trained to leverage your personality, be it through ego, money or ideology, can quickly turn a mid-level employee into a fountain of proprietary information. We only need look so far as Greg Chung’s case at Boeing to see how an engineer turned spy for China. And importantly, he was not an executive or a high-powered attorney. He was an average guy who managed to leak hundreds of thousands of documents that helped put China’s space program on the map.
5. Physical and Electronic Surveillance
When you combine phone hacking and hotel intrusions, the result is often choreographed surveillance. Surveillance is not just a man in the hotel lobby snapping a picture or two of you with an oversized telephoto lens. It is when a traveler’s movements are tracked, her conversations monitored and recorded, her routine memorized, and her vices documented. Vices are an especially tempting target. In 2009, a British diplomat was filmed in a Russian brothel, allegedly by the FSB. They intended to blackmail him, using the evidence of impropriety as leverage. Even if surveillance does not produce anything worthy of blackmail, knowing your habits, conversations and meetings gives the competition a head start in negotiations or product development. With miniature cameras so easy to come by, and cabbies eager to make an extra few bucks, is it too James Bond to imagine you may be a target of covert monitoring?
Since the end of the Cold War, the spy game has changed dramatically. Yes, countries still snoop on each other; the scandals sparked by Edward Snowden and Anna Chapman in recent years makes that perfectly obvious. Yet, increasingly, the most lucrative targets of espionage have been companies, not states. Today, a messy amalgam of private collectors, government services, and freelance profiteers have turned to economic espionage as their primary missions. Their targets should no longer be surprising—it’s you. No matter who employs them, all spies operate under the same principle; find the weak link. When you travel, especially for business, that link can often be you, either through your electronics, vices, or merely a random conversation. By understanding these five major sources of risk, you and your company can begin the difficult process of securing your business intelligence from prying eyes.
Related: 5 Security Tips for Travelers
About Luke Bencie
Luke Bencie is the Managing Director of Security Management International, a global security consulting and intelligence advisory service provider located inside the Washington DC beltway. He has traveled to over 120 countries over the past 15 years on behalf of the US Intelligence Community, the private defense industry and the clients of his firm.