Let's stop the billions lost to cyber thieves
SRA CEO Stanton Sloane warns about the growing danger the theft of intellectual property poses to our economy and national security.
Osama bin Laden is gone, and with justice finally dealt, we now have an opportunity to refocus national attention on what is a significant strategic threat to our security: the cyber theft of American intellectual property and know-how.
A decade ago the FBI-led Internet Crime Complaint Center wrapped up its first year of operation and recorded 49,711 complaints. That was an awakening for our national security leadership. By last year the number had soared to 303,809. This past May, the Pentagon concluded that all cyberattacks on U.S. infrastructure could be considered acts of war. This serves to provide a perspective on the escalating nature of cyber warfare/terrorism/crime.
The stakes here are huge. On top of damage done for damage’s sake, there is a mountain of thievery under way online. The U.S. Trade Representative (USTR) tabulates the cost of intellectual property theft at about $250 billion annually to American businesses and citizens. This number is growing and represents the theft of key technologies and the hard-learned processes that help turn them into products. This is a sinister siphoning of our economic vitality, of jobs and our quality of life — and delivers immediate profit to our enemies in the space of a few keystrokes.
Unlike a missile or bomb, a cyberattack’s damage is difficult to assess and its impact may unfold only over a long period of time. Many of our active online enemies are state-sponsored but stateless; ideologues and criminals motivated by hate and greed. All that is required for any of them to succeed is an Internet connection. For nearly a decade, the top two locales outside the U.S. where cyberattacks originated have been Russia and China — our former superpower rival and current superpower rival respectively, and the top intellectually property theft offenders according to the USTR. While the cyber focus has been on threats to U.S. nuclear reactors, subways or pipelines, what is often overlooked — IP theft — is draining our superpower status at an alarming rate.
And the American public remains largely in the dark. That so many of us are unaware that our nation and economy are under constant and sustained cyberattack is traceable to a number of factors. Cyber criminals are stealthy, and victims don’t realize they are targets. Organizations that are hacked do not want to bring attention to it for fear it will challenge their competency. Investigating agencies do not like to expose ongoing cyber investigations, as it hampers their ability to collect evidence. Our national security establishment weighs the military and intelligence considerations more heavily than commercial, economic factors. This tends to impede information sharing. The result? Cyber crooks perpetrate the same scams over and over.
There also seems to be a lack of political will to deal with foreign powers that continue to threaten our nation’s IP and cyber property. Granted, it will be hard in an age of globalization where international relations are very sensitive, but the alternative is an accelerating shift of technology and financial power out of this country. Besides the loss of IP and the economic damage, we are losing years and years of technological and research development advantage overnight — a near instantaneous leveling of the international competitive landscape.
A bipartisan effort in the Senate represents a key step in removing our collective heads from the sand. Sens. Jon Kyl (R-Ariz.) and Sheldon Whitehouse (D-R.I.) have introduced legislation that would illuminate the very real threats to us so that we can take appropriate action. Whitehouse summed it up in April: “Americans do not have an appropriate sense of the threats that they face as individual Internet users, the damage inflicted on our businesses and the jobs they create, or the scale of the attacks undertaken by foreign agents against American interests."
Consider this for sense of scale: The damage from a single wave of cyberattacks on critical infrastructure could exceed $700 billion — or the cumulative toll of 50 major hurricanes ripping into the nation simultaneously, according to the nonprofit U.S. Cyber Consequences Unit.
What’s required is a clear sense that today’s battlefield extends deep into our daily routines. From our keyboards we are each on post in the ongoing battles of the cyber age — ready or not. And it is through our individual keyboards that many of these criminals gain access to key intellectual property. So be prepared.
Whether the bill offered by Whitehouse and Kyl advances, each of us has a duty to stay alert online. The common sense that serves us well offline — don’t take candy from strangers, etc. — needs to be applied online as well. The risks are simply too high to ignore. And we must demand that all of us be in this fight together.