What is Intellectual Property Theft?
Intellectual property theft involves stealing information, trademarks, inventions, ideas, copyrights, patents, and other intellectual property from a person or company and then, usually, using them for their own gain.
Intellectual property predominately refers to creations of the mind. These are intellectual and artistic expressions that encompass everything from books, designs, videos, images, music, and even symbols.
Consequently, IP theft means robbing people or businesses of their inventions, innovations, ideas, creative products, business processes, formulas, advances in technology, and so on, in addition to their potential profits and benefits.
Intellectual property theft has become a big issue in the digital era because most valuable assets and artifacts are increasingly stored online. In addition, digital media and the prevalence of technology have made it easier to pirate or steal digital intellectual property.
As a result, intellectual property theft has become easy, quick, and relatively cheap to commit. Unlike, say, robbing a convenience store where the criminal needs to be physically present, IP theft is mostly a white-collar crime that can be perpetrated through an online medium.
The Different Ways Intellectual Property Can Be Stolen
There are several ways intellectual property is stolen, such as the following:
- Piracy of software and goods in all its manifestations
- Counterfeit labeling
- Counterfeit trademarks
- Counterfeit drugs
- Theft of trade secrets
- Criminal copyright infringement
- Prerelease criminal copyright infringement
- Illegal recording of movies in theaters
The Impact of Intellectual Property Theft
Beyond the loss of revenue that should accrue to their rightful owners, intellectual property theft has other far-reaching consequences. For one, copyright infringement and piracy tend to reduce product quality, which can negatively impact customers’ health and safety.
For the consumer, its detrimental effect also comes in the form of higher prices; for towns and the government, it is reflected in tax revenue and job losses. Furthermore, it can result in reputational damage for the business that legitimately owns the intellectual property rights.
Consequences of Intellectual Property Theft on IP Holders
The following are among the negative impact of intellectual property theft:
- Loss of customer trust
- Reputational damage
- Reduction in sales and business growth
- Loss of competitive advantage
- Legal exposure and lawsuits
- Negative impact on business growth
The Advantages and Benefits of Protecting Your Intellectual Property
Intellectual property isn’t a victimless crime, and we’ve looked at what could be lost by its theft. However, it is also important to consider the benefits of maintaining a vigorous defense of your IP, such as the following:
- Protecting hard-earned market share.
- Protecting revenue streams.
- The ability to acquire a legal monopoly, with its attendant competitive advantages.
- Minimizing risks and liabilities of copyright infringement.
- Making it difficult for competitors and even partners from wantonly copying your ideas.
- Increasing the value of your business.
How is the United States Curbing Intellectual Property Theft?
Intellectual property theft transcends national concerns because it impacts international trade. Unfortunately, a substantial amount of intellectual property theft takes place in overseas countries with lax copyright laws. This is especially pertinent when there appear to be national policies deliberately geared to profit from IP theft. These are manifested by favoring a lack of legal enforcement and even encouraging IP theft by their private, quasi-private, and public entities.
The United States government is rightfully concerned about intellectual property theft because it affects national competitiveness. The United States also has a vested interest in IP protection as an engine of innovation that leads the world in copyright patents.
Also, U.S. businesses lose billions of dollars each year to intellectual property theft. A 2017 report by The Commission on the Theft of American Intellectual Property estimated the cost to the U.S. economy through the loss of trade secrets, pirated software, and counterfeit goods to be as high as $600 billion.
How is Intellectual Property Lost?
Sadly, intellectual property theft is predominantly carried out by employees or insiders. These attacks occur because insiders can gain entry into secure networks with relative ease and subsequently steal valuable assets. When nation-states are implicated, the FBI gets involved as this generally falls within the scope of industrial espionage.
Therefore, to combat IP theft, organizations must use sophisticated tools that combine the ability to recognize and differentiate legitimate, business-justified activities, with the detection of malicious intent by insiders.
Organizations need to take insider threats seriously because a single rogue employee can inflict a significant amount of damage. An employee working for a U.S. petroleum company developing the next generation of battery technologies stole trade secrets worth more than a whopping $1 billion. Hongjin Tan was eventually sentenced to 24 months in a U.S. federal prison for his crime.
Speaking on the incident, Melissa Godbold, special agent in charge of the FBI Oklahoma City Field Office, “American companies invest heavily in advanced research and cutting-edge technology. Trade secret theft is detrimental to our national security and free-market economy.”
What is the U.S. Doing to Stop IP Theft?
Through the Department of Justice and the Federal Bureau of Investigation, the United States has been crafting new strategies to combat intellectual property crimes. One of the key methods is through partnering closely with businesses and other stakeholders.
To this end, the FBI is collaborating with the organizations like the National Intellectual Property Rights Coordination Center. While these strategic partnerships are crucial, the FBI also collaborates with those who directly feel the brunt of intellectual property theft like brand owners.
These strategic efforts now facilitate more information sharing between the government and businesses regarding emerging trends, investigations, and aggressive criminal initiatives. In addition, the FBI has redoubled its efforts to reach third-party entities like advertisers, payment service providers, and online marketplaces that unwittingly enable IP criminal activities.
The upshot of these working relationships is the broadening of awareness with regard to investigative leads and the type of crucial evidence that makes it possible to identify and apprehend criminals.
Moreover, the enhanced relationship between counterintelligence and criminal personnel has created better synergy in the battle against trade secret thefts. When state-sponsored actors are involved, a trade secret case is pursued under the auspices of a counterintelligence program. However, in the event that no state sponsor is identified, the case is turned over to a criminal squad.
What Are the Most Common Intellectual Property Theft Methods?
Here are the tried and true methods in the cybercriminal’s playbook for stealing intellectual property:
- Hacking: The predominant method criminals use to steal IP is through hacking techniques. They employ attack methods like man-in-browser and keylogging to capture what an unsuspecting user is entering into an application or web page. In 2018, a hacking group known as Advanced Persistent Threat 10, believed to be affiliated with the Chinese government, was indicted for targeting more than 45 organizations in the United States. Notable targets included NASA and the Department of Energy. Malware and phishing were their primary vectors of attack to steal sensitive business secrets in industries ranging from finance, healthcare, manufacturing, biotech, and oil and gas.
In addition to using malware to exfiltrate information, they also utilize social engineering and phishing techniques. For all these reasons, it is important for organizations to beef up their cybersecurity defenses.
- Insider threats: This form of privilege abuse by employees, vendors, and third parties is the most pernicious kind of intellectual property theft. It is impossible for organizations to do business without granting certain groups of insiders a high level of access. But with this need comes the risk of providing them with the ability to steal intellectual property and profit from it by selling to competitors. Insider threats also constitute former employees whose access to corporate networks hasn’t yet been revoked. Data theft is also possible where ex-employees used their privileged access while in the organization to build backdoor accounts so they still maintain access to corporate networks.
- Human error: Intellectual theft doesn’t have to be malicious to occur. Instances abound where employers or vendors have lost devices containing confidential company information. Negligence or carelessness has also resulted in employees sending sensitive files and company secrets to unauthorized parties. In one of the most infamous cases of “bring your child to work day”, an Apple employee was fired in 2017 after his daughter filmed the yet to be released iPhone X smartphone during her visit to the campus. The video that Brooke Amelia Peterson posted on her blog contained several Apple trade secrets and intellectual property innovations the company wanted to keep under wraps until those product(s) were released. Some of these included codenames of unreleased Apple products, innovative features such as employee-only QR codes, and a notes app.
Intellectual Property Theft Best Practices and Prevention
The following techniques and methods go a long way in helping organizations protect themselves from intellectual property theft.
- Patent your intellectual property as early as possible. Organizations should ensure they get the cover of legal protection as soon as possible. Since IP protection is complicated, it is wise to acquire the services of an IP lawyer to help pursue trademark, patent, or copyright protection.
- Gain visibility into IP and sensitive data. Organizations are better prepared to protect critical and sensitive data when they know where it resides. This quest for information visibility should include pursuing data security policies like data classification, to differentiate, identify, and prioritize data that should be accorded the highest level of protection.
- Embrace the risks with a robust data security policy. While you pursue patents and copyrights, you equally need to realize that although these are legitimate measures, they aren’t foolproof. The reality is that they might not be sufficient to deter unprincipled competitors and cybercriminals from attempting to steal your intellectual property. Therefore, ensure employees, partners, and vendors sign nondisclosure agreements, especially when it comes to proprietary information. Also, incorporate strong indemnity clauses in your contractors’ contracts and do everything possible to show your business concept or product is your idea.
- Monitor employee and vendor activity. In an ideal world, companies would rest assured in the good faith of the people hired to work for them. Unfortunately, most IP theft comes from insider threats. Moreover, even employees without bad intentions can make crucial mistakes that result in the loss of sensitive data. As a result, companies need to monitor employees, especially those who have access to critical data like proprietary information and trade secrets. One of the most efficacious ways of doing so is by establishing user behavior monitoring so they can be immediately alerted as soon as something deviates from baseline activity. In addition to employee monitoring, companies should also do privileged user and third-party vendor monitoring.
- Provide adequate training to employees. As we have noted, one of the most rampant ways IP theft occurs is through insider threats and privilege abuse. Therefore, employees should be educated on how to prevent accidental leaks, and the risk they expose themselves with regard to willful criminal activity.
- Identify cybersecurity vulnerabilities. Companies need to be proactive in identifying weak spots in their security systems before malicious actors do. The use of penetration tests should be routinely used as a security audit mechanism to identify and fix avenues of risk for IP theft.
Learn How Vera Can Help You Prevent Intellectual Property Theft
Since intellectual property can be monetized to generate huge profits, cyberattacks have been weaponized as means of espionage and theft. For most organizations, intellectual property represents years of investment in huge costs, research, and technology.
The good news is that Vera has several tools in its arsenal to help you combat the scourge of IP theft. For instance, Vera has a data classification feature that allows you to identify sensitive documents among the avalanche of your organization’s data.
Vera also provides information rights management capabilities. This ensures adequate security travels with your data and IP assets wherever they go, in addition to providing you with an audit trail of its users and activities.
To learn more about protecting IP, read our eBook on the Definitive Guide to Securing Intellectual Property and Trade Secrets for Manufacturing Companies.