Authorised and regulated by the UK’s FCA to provide investment accounts, we are bound by CASS rules to segregate and protect client assets.
In late 2012, British vacuum cleaner firm Dyson accused its German competitor Bosch of planting a mole at the heart of its engineering team. The employee, a Chinese national named Yang Pang, was said to have passed secret information about motor technology to the German firm.
According to Dyson, Yang had entered into an agreement with Bosch to pass on secrets about Dyson’s technology. Bosch were said to have paid him €13,000 over 16 months for this work. In a move worthy of a low budget spy film, the money was apparently funnelled through a limited company set up in his wife’s name to keep the relationship at arm’s length. Dyson fired Yang and demanded Bosch return the intellectual property, which it said cost tens of millions of pounds in R&D.
Corporate espionage, where sensitive information, recipes, financial data or manufacturing techniques are stolen by competitors or foreign governments is said to cost businesses billions of pounds each year. In the US, trade secret theft costs 1–3 per cent of GDP, which could equate to as much as $540bn.
“Given the nature of spying, many companies simply don’t know they’ve had their information stolen.”
Getting a true idea of the scale of this problem is difficult. The Dyson case is one of surprisingly few publicly reported stories about corporate espionage. Given the nature of spying, many companies simply don’t know they’ve had their information stolen. And, even when they do, “Most organisations don’t bring it into the public domain,” says Professor Mark Button of Portsmouth University. “In the UK there are hardly any publicly reported examples, despite MI5 and MI6 reporting that companies lose hundreds of millions of pounds to espionage every year.”
The world of corporate spying is generally less exciting than a Bond movie. Button reckons that most corporate espionage is conducted by means of hacking. Since vast amounts of sensitive company information is held on company servers, it’s usually easiest for spies to use cybercrime techniques to get hold of it.
What’s bugging you?
But it’s not all geeks behind keyboards. Crispin Sturrock of White Rock Privacy, a consultancy which helps business protect themselves against espionage, reports that listening devices are getting better. “If you want to put a recorder in a room or use a GSM bug [wireless listening devices that look like everyday objects], it is very easy to buy these devices online today, and the equipment has improved a lot in recent years.”
“It could be a frustrated employee who decides to harm the business and sell secrets. It could be a member of staff who has somehow been compromised and blackmailed to hand over information.”
Corporate espionage can happen in many ways. It could be a frustrated employee who decides to harm the business and sell secrets. It could be a member of staff who has somehow been compromised and blackmailed to hand over information. It might also involve people posing as cleaners who swipe away laptops, folders and USB keys containing vital information. It can even be as low-tech as private investigators looking through a target’s bins.
Button notes that espionage is frequently carried out by dedicated state surveillance teams. Other times though, it’s a rogue team at a company that is under pressure to get results – and so they opt to try and steal ideas from competitors themselves or by outsourcing the legwork. “There are always networks for finding people who would be willing to do this kind of thing,” he warns.
While it may be very difficult to completely prevent corporate espionage, there’s plenty that companies can do to minimise the risk. Button says a good place to start is to develop robust cybersecurity measures. It’s also important to vet new hires: “Look for red flags that might raise issues about a person – are they under financial pressure?”
“Effective counterespionage involves engagement from all staff.”
Sturrock is reticent about revealing his firm’s methods, but he says there are simple things businesses can do. “Say you’re having a board meeting. Before it starts, bend over and look under the table to see if a dictaphone has been placed there.” Effective counterespionage involves engagement from all staff. Sturrock says that if employees see someone they don’t know walking around the office, they should feel empowered to ask that person who they are and what they’re doing.
Completely preventing corporate espionage may be Mission Impossible but, by implementing some simple measure, businesses make it that much harder for spies to come in from the cold.