IP theft – don’t be the next victim

Co-authored by Phillip A. Russo (CIA Solutions)
e: phill@ciasolutions.com.au   m: 0403 121 798

With today’s high-speed copying technologies, the valuable business you have built up over a lifetime can be crippled by a rogue employee in a matter of minutes.

Directors be warned - intellectual property theft is an emerging risk for your business.

Without proper protections and policies, a “trusted” employee can copy key data, source code, contracts, price lists, and entire customer databases without detection, syphoning a business’s lifeblood – its invaluable, confidential IP.

Commonly, the employer’s approach to the problem is to immediately stop the rogue employee from accessing the business’s computer system and walk them out the door.

But by the time the theft is uncovered, it may be too late to do anything. 

Typically, a miscreant employee will have downloaded valuable company data at least two weeks before the unauthorised accessing and copying is uncovered.

Once data has been stripped and duplicated onto another storage device, a rogue employee can readily copy the captured IP to a willing competitor or use it to stealthily build a competitor business.

Victims often think the police will step in and deal with theft of their data and IP.  It’s a common misconception.

Police do not readily deal with IP theft.  Victims usually have to turn to the civil law for redress, and the services of a computer forensic investigator to gather evidence to prove the theft and unauthorised conduct.

Lawyers work together with the computer forensic specialists in the aftermath of an IP theft.  With lawyers obtaining search orders from court, the forensic specialist can set about the task of uncovering evidence of the theft. 

USB thumb-drives, cloud services and third-party email accounts are commonly used as “safe-houses” to store misappropriated electronic information.

Determined staff can circumvent traditional IT security measures in inventive ways.  There are instances of staff misusing sunglasses with an “in-built” USB mp3 player to carry out IP theft from their employers.

Smartphones can be used as a storage device or as a camera to record information.  Forensic analysts can extract crucial evidence from the phone of a miscreant employee to establish proof of the times and dates an act was done, and where it was done.

In one case, court orders were obtained allowing a search of the systems of a rival company which had been newly set up by a break-away group of staff from their aggrieved former employer.  Data was then uncovered that showed past and current staff of the aggrieved applicant company hatching a plan to start the new rival business.  The evidence included emails, Skype conversations, use of the online file sharing platform Dropbox to “warehouse” information, and USB data transfers.

The specialist forensic expert will be properly certified and independent, and their engagement by lawyers will create an environment where legal professional privilege will apply.  Those are important factors when bringing a civil claim, and they highlight why the business’s computer security officer or IT manager should not be tasked with uncovering the electronic evidence to prosecute a case.

Enforcing rights under the civil law can be expensive, time-consuming and resource-sapping.  And often the damage to the business has already been done by the draining of the business’s once confidential, lifeblood information and data.

Savvy business owners are increasingly turning to proactive forensic technologies to better safeguard their workplace against the risk of IP theft. 

To coin a phrase, an ounce of prevention is worth a pound of cure.

Computer forensic experts are being used by businesses to design and implement forensic “network traffic” interception infrastructure and off-site email journaling repositories.

These processes introduce lawful Internet interception, monitoring and forensics systems that capture, decode, and reconstruct various types of Internet traffic, importantly in real time, and data retention infrastructure for email communications.

Older, more traditional security approaches to a company’s systems and data are becoming increasingly ineffective with the proliferation of low cost, readily available capture and storage devices in the market. 

Information is king.  Employers must be alive to the risks to which their priceless information is exposed, and look at taking steps to minimise the risk of it being plundered.