6 ways Corporate Spies Steal from You
by Dan Harrison
Shockingly, stealing sensitive information from a company is remarkably easy, compared to how easy it was, say 30 years ago. The growth in technology means that spies have a massive range of tools that they can use in order to steal from you.
We’ve also found that the pace of business has accelerated to a point where you gain a massive advantage by being the first to bring a brand new product to market. If you’re developing a brand new concept, then your competitors would love to get their hands on that information. Since the process of taking a product from research to the customer has also become faster, a switched-on competitor could do a lot of damage. e.g. a competitor could register a patent before you do, therefore requiring you to pay your competitor significant sums of money in licensing fees.
So what is Corporate Espionage?
Corporate Espionage is where someone is spying for commercial reasons rather than for natural security purposes. Namely, taking something that would put your company at a significant disadvantage, or putting your competitor at a significant advantage. I’m not talking about anything nearly as glamorous as the movies depict. I’m talking about someone stealing a crucial spreadsheet, or a memo, or some design specifications, or perhaps a prototype circuit board.
Motivations for Corporate Spying
Before I go into different ways that someone could steal from you, it’s worth considering the reasons why someone would steal from you. This can help you identify what would be a target for espionage.
- Do you have a database of client information, which would be useful for a competitor? They could easily poach your clients.
- Are you developing a brand new product, where being first to market would give you time to dominate your industry for a while?
- Do you have a disgruntled employee who’d like to damage your business?
- Do you have an employee who might want to start their own business, copying your business model/products/services?
- Do you have proprietary software, where the source code could give a competitor an advantage?
- Are you involved in a business deal with another business, where you hold valuable negotiating power?
Based on those questions above, it does seem that any company could be a target. If that’s not made you paranoid, then read on to see how easy it is to steal information!
1. Using email attachments
If you provide email access for your employees, then it’s easy enough for them to be able to send an email to themselves or a competitor using your own business network! If your employees have internet access, they’re just as likely to send an email with any juicy attachments using a popular web client, such as GMail.com or Hotmail.com.
2. Using Dropbox and other filesharing tools
Dropbox is a very popular file backup and sharing tool. So it’d be very easy to install it onto a computer, copy some files into dropbox, let it sync, and then uninstall it again. Not completely untraceable, but certainly tough to trace. Although Dropbox does require an internet connection to the web, it’s ease-of-use makes it a very likely tool. The employee just needs to activate Dropbox on another computer to access the stolen files.
3. Using a USB thumb-drive or external hard drive
Where there’s no internet access, using a physical drive is another viable option. USB thumb drives can be as small as your thumbnail now, so they’re incredibly easy to conceal. So even if you’re doing physical searches of staff, a tiny USB thumb-drive could be concealed between toes or in underwear, without detection.
Hygienic? Nope. Easy data theft? Yep.
4. Using a smart phone
Most people under the age of 50 have a smartphone of some kind now. So it’s not unusual for someone to be carrying a phone with them at all times. Smartphones usually have a camera on them, and most have an internet connection too. So one of your employees could easily take photos of a new product and email those photos to anyone they like. Since the email is not going through a corporate gateway, you’re unlikely to detect the leak.
5. Using a hardware keylogger
A hardware keylogger looks like a short PC keyboard adapter, but it contains some clever electronics that records anything you type on a keyboard. These keyloggers are only practical for standard desktop PCs (rather than laptops, tablet PCs or smartphones), but they give someone access to your password and other sensitive information without needing to hack your computers.
To extract the data, the employee just plugs the device into another computer, and downloads the data. Keyloggers are not detectable by software, although a simple physical search of a computer will allow you to find it. These keyloggers are easy to buy, and cost $80 or less!
6. Using a malware backdoor
Using a backdoor is a particularly sophisticated approach, but probably represents the technique that could do the biggest damage. Essentially this means installing some rogue software that opens up a channel to the outside world. Your spy could then extract any data or attack any systems remotely, whenever they like. So you could fall victim to more than one theft, as the spy could easily access your internal systems long after they’ve left.
If the software is completely custom, then the chances of detecting it are very slim. Some antivirus software programs do contain heuristic analysis to identify custom spying tools, but they are not too tough to circumvent.
Worred yet?
About the Author: Dan Harrison used to develop Spy Gadgets for private detectives and law enforcement. Still an industry expert, Dan now collects spy stuff and writes about surveillance technology as a hobby.
Related posts:
