technical report
silu
Paudel_Shlesh_Draft1.docxRunning Head: CYBER-THEFT OF TRADE SECRETS 1
CYBER-THEFT OF TRADE SECRETS 2
Cyber-Theft of Trade Secrets Comment by Daniel Creider: Drafts and the final paper do not need a title page All drafts require a separate outline before the text of the paper.
Draft 1
Name – Shlesh Paudel
CSCI-303-01W
CWID- 50278343
.
Introduction.
Cyber theft is among the cybercrime activities associated with the use of computers and devices to conduct illegal activities of stealing valuable business data and other intellectual assets. With the increasing evolution of technology, cybercrime activities have been exponentially increasing due to the development of sophisticated hacking techniques along with complex malware variants that are hard to detect or prevent (Basuchoudhary & Searle, 2019). On the other end, trade secrets are described as any activities, processes, or practices employed by a corporate that is only known within the corporate environs and not to the outside world. Cyber theft of trade secret takes place when an unauthorized person accesses, utilize and share confidential business data without authorization. Common causes of cyber theft of trade secrets may be associated with lack of awareness, system vulnerability, and lack of adequate security control measures to protect an organization's data as a critical asset (IIPRD, 2018). Examples of trade secrets include Google's search algorithm, Secret client lists of any corporate, among others.
Thesis statement . Comment by Daniel Creider: You do not need this heading
Based on the topic for this research paper, the focus of this report will be to provide extensive analysis of the common causes of cyber theft of trade secrets, provide insight into the growing concerns along with the current risks and impacts of cyber theft of trade secrets. Also, the paper will highlight various factors contributing to cyber theft activities together with the analysis of a few case studies on cyber theft issues. Lastly, up the assessment and analysis of the causes and impacts of cyber theft on trade secrets, this paper wall provides suggestions and recommendations on how to mitigate such issues best.
Kek words Keywords. Cybercrimes, cyber theft, trade secrets, cybercriminals, phishing, malware, insider attackers, unauthorized access, access control. Data, database, assets, dark web,
Literature review.
Cyber theft is one of the cybercrime activities that target stealing valuable and confidential busses information. Such information is then sold to the dark web or compromised to jeopardize business victims’ business operations. There is a growing concern over the increase of cyber theft of trade secrets in recent days. Many organizations have been negatively affected due to ransom pay demanded upon losing their confidential business data. What should be known is that, unlike in the traditional era when many organizations largely depended on manual processes to operate their businesses, continuous evolution of technology has changed the world of businesses in numerous ways. As the world is growing digitally, technological connectivity alongside pervasive integration has introduced a wide range of security issues.
Cybercrimes have become rampart with increased economic losses due to theft and compromising vital business assets. Cybercrimes affect both small businesses and large enterprises. One of the recent security threats many organizations face is cybercrime activities aimed at stealing trade business secrets for malicious motives. The main focus of cyber theft is to get hold of trade and business investment secrets(JUSTIA, 2021). Other criminal in collaboration with insiders attackers also targets to steal valuable business secrets related to research, business sustainability, and development.
Current cyber threats have led to the growth of global concerns due to the risks they have to the world's economy. A reasonable number of hackers and other cybercriminals target company technologies, databases, valuable business knowledge, and know-how that business entities consider as the most valuable and confidential information. Considering the numerous cases of cybercrime activities recorded over the past few years, it has been identified that cyber theft of confidential business information is one of the fatal cybercrimes that has become a significant concern in the European Union. Europe and America are the most targeted regions as their economy has incorporated features such as industrial advancement well-trained professionals in a wide range of technological fields, especially in automotive, aerospace, and biotech (JUSTIA, 2021). Cybercrime-related research was conducted between 2012 and 2016 indicated that there was an upward trend in data breaches that perhaps in one way or the other exposed critical company's data to malicious parties. Cyber theft of the business-related secretes is expected to keep on rising, and these facts should send a strong message to business enterprises to adopt and implement the most appropriate risk and cyber threat mitigation measures that could help monitor, detect, and resolve any vulnerabilities immediately it is recognized (Basuchoudhary & Searle, 2019.
As mentioned early, the advancement of technology has simultaneously led to the development of more complex techniques that could be used by hackers to gain unauthorized access to organizational data from any location at any time. Significant consequences of cybercrimes in relation to the theft of intellectual property are that such incidences normally result in substantial financial losses and loss of consumer trust (Basuchoudhary & Searle, 2019. Many organizations have suffered a big blow are a result of theft of business secrets as the stakeholders feel that their information about generation business activities, investment, development, and sustainability are exposed to wrong people who may wrongly use the said information to jeopardize business operations.
It is also imperative to mention that when large organizations lose their trade secrets, it is assumed that there exist numerous security loopholes where cybercriminals could get the opportunity to access and exploit critical business resources such as trade secrets(JUSTIA, 2021). When customers lose trust and confidence in such companies, there is the likelihood that company productivity will significantly decline over time. In addition to financial losses, the brand's reputation is also negatively affected as many stakeholders feel dissociated with the brand's activities with reference to cyber theft incidences befalling their organization. Reputational damage is termed as the most severe negative impact caused by cybercrime activities associated with data theft.
Relevant factors contributing to cyber threats.
As per the latest stats on cybercrimes, it has been found that among the factors contributing to cyber theft include lack of awareness and increased exposure to expanded online exposure of companies. What needs to be understood is that within an organization, employees play a significant role in providing and maintaining security to critical computing and non-computing assets. It becomes a significant challenge to an organization when employees have insufficient knowledge and awareness about cyber theft (Basuchoudhary & Searle, 2019. Lack of understanding on various aspects of cyber security obligation makes many employees to remain vulnerable and target agents by cybercriminals. Statistics have shown that inadequate knowledge about various cyber security issues makes business entities prone to cyber-attacks because such employees are lured using approaches such as phishing, malware attacks, and other social engineering techniques to reveal confidential information to intruders without knowing. Lack of awareness often leads to unintentional disclosure of business secrets to unintended parties who may use the said data otherwise.
Another relevant contributing factors to cyber theft of business confidential data are more extensive exposure to online platforms where cybercriminals could use different technologies to access company data from any location at any time. Through various approaches such as supply chain intrusion and targeted ransomware have been identified as the most common strategies used by online hackers to cause business disruption by holding critical company assets such as databases hostage (JUSTIA, 2021). As mentioned before, cybercriminals take advantage of the lack of cyber security awareness to lure employees into accepting their requests before launching their attacks. Cybercriminals also employ techniques such as cross-site scripting attacks to steal valuable business secrets using their websites. In this scenario, attackers often manipulate vulnerable company websites in a manner that when employees or web users send search queries, malicious JavaScript is sent to the users (JUSTIA, 2021). Once such malicious JavaScript files are downloaded into the company’s system, they silently redirect the company's traffic packets to the hacker for exploitation, where confidential data is phished out and ransom demanded before restoration.
Moreover, the growing speed with which hackers create new malware and develop their skills in using advanced technological tools has positively contributed to increased cases of cyber theft of business secrets in varied ways. New technologies that are complex and hard to motor, detect and prevent have been developed by notorious international. As technologies and new risk and cyber threats measures are developed, so does hacking tools and techniques. This has impacted an organization’s ability to respond to cyber theft cases whenever they are identified appropriately. System vulnerabilities due to poor security configurations and slow and sluggish responses from cyber security policymakers have exacerbated the already volatile situation (JUSTIA, 2021). The lack of sufficient laws to prosecute cybercriminals has seen many cyber security criminals being released from various judicial systems. Inadequacy of technological know-how within the cybercrime investigating agencies makes it difficult to peruse, prosecute, and jail cybercriminals. This aspect has motivated other cybercriminals to continue executing their malicious motives whenever they wish. It should be remembered that an exponential increase of hacking technologies, development of advanced malware, increased globalization, and rise of cyber-attacks via competitors, foreign nations, and hacktivist groups have also highly accelerated the rate at which cyber theft of intellectual property occurs on globally.
Cyber-theft of trade secrets case studies.
In 2016, German industrial conglomerate ThyssenKrupp was among the cyber theft of trade secrets victims. Hackers access the companies' sensitive and confidential data, which halted business activities for quite some time. Another company that falls into the trap of cybercrimes is Managed IT service providers (MSPs) (JUSTIA, 2021).
Recommendations on how to prevent and reduce cases of cyber data theft of trade secrets.
Business entities are advised to develop cyber security education and training programs to help increase employees' awareness of existing cyber threats. Also, the training should focus on establishing an organizational culture that adopts best security practices (JUSTIA, 2021). Besides that, corporates need to develop and implement cyber security policies to sensitize people on the impacts associated with compliance with cyber security regulations.
Another approach that should be employed by an organization to mitigate cyber theft issues is the development of organizational programs that focus on providing employees with progressive learning platforms about cyber security culture where every stakeholder will take sole responsibility of reporting to the relevant authority in security issues suspected or identified. Other than streamlining workflow with an organization, organizational culture should also put more effort into enlightening and creating awareness on cyber theft issues. By so doing, every employee and other key stakeholders will be able to provide the first line of defense to cybercrimes and other security threats (JUSTIA, 2021).
Conclusion . Comment by Daniel Creider: You cannot write a conclusion until all other sections of the paper have been written.
Cyber security is a significant concern to any busyness that wants to remain successful in it enamors; lack of access control policies along with insufficient knowledge about cyber security has contributed to cyber theft. Organizations should adopt and implement cyber security training programs to create awareness on preventing cybercrime-related crimes that pose a danger to crucial business data.
References Comment by Daniel Creider: Need more references. All references must have a URL
Basuchoudhary, A., & Searle, N. (2019). Snatched secrets: Cybercrime and trade secrets modelling a firm's decision to report a theft of trade secrets. Computers & Security, 87, 101591. doi:10.1016/j.cose.2019.101591
IIPRD. (2018, February 14). Cyber theft of intellectual property. Retrieved from https://www.iiprd.com/cyber-theft-of-intellectual-property/?utm_source=Mondaq&utm_medium=syndication&utm_campaign=LinkedIn-integration
JUSTIA. (2021, October 15). Trade secret infringement. Retrieved from https://www.justia.com/intellectual-property/trade-secrets/infringement/
Krupa, M. S. (2018, March 14). Cyber theft of intellectual property - Intellectual property - India. Retrieved from https://www.mondaq.com/india/trademark/682548/cyber-theft-of-intellectual-property
Searle, N. (2019). Snatched secrets: Cybercrime and trade secrets modelling a firm's decision to report a theft of trade secrets. Retrieved from https://www.sciencedirect.com/science/article/pii/S0167404819300616
