Signpost Six Blog

Insider Risk Digest March: Trade Secret Theft at Tesla and Beyond

Written by Lucas Seewald | Nov 27, 2024 1:56:11 PM

Dive into our latest Insider Risk Digest, where we explore recent espionage in the German military, trade secret theft at Tesla, espionage risks in critical infrastructure, data leaks in the pharma sector, and security lapses at NASA. Plus, a look at the delicate balance between research collaboration and knowledge security.

We value your insights-if you find this digest insightful, join the conversation and share this digest on your socials. 

The German military has apprehended an individual suspected of espionage on behalf of Russia. The arrest underscores growing concerns regarding foreign intelligence activities within Western militaries. The detained individual, identified as a German soldier, allegedly passed sensitive information to Russian handlers, raising alarms about Insider Risk and highlighting the growing challenge of safeguarding national security against insider threats amidst heightened geopolitical tensions.

Tesla is in the spotlight of insider risk incidents once again this month. Two individuals have been apprehended, facing charges of trade secret theft. Through the obtained secrets, the individuals had set up their own company in China. Tesla, as a leader in high-tech vehicle solutions, is often targeted by insiders who attempt to profit from their large investments in R&D. Current investment in adequate safeguards, however, is lagging behind.

American officials are growing worried over the potential espionage capabilities of foreign procured elements within the national critical infrastructure. Specifically, procured cranes have been identified as posing a risk of clandestine intelligence collection, as they contain communication equipment and sophisticated sensors that can capture information about materials being shipped around the world. Procurement has often been leveraged as a legitimate process exploited by external actors to get the privilege of an insider, especially in critical infrastructure. 

A former Johnson & Johnson employee brought thousands of sensitive strategy-related files with him to his new employer Pfizer, in a new tale in the long history of strategic rivalry between the two companies. The information included confidential sales data, customer and channel lists, pricing models, market research, contracting strategies launch playbooks and more. J&J’s company security program flagged his activities, but this did not stop the former employee from accessing the information within his new position at Pfizer. The pharmaceutical industry is increasingly defined by high competitiveness, with departing employees taking more and more of the spotlight.

NASA is yet to conclude its investigations concerning the theft of materials used to train astronaut crews. Specifically, iPads used by the training crew had gone missing in June of 2023. The incident and lagging investigations have created concerns regarding NASA’s approach to device management, a crucial safeguard to ensure the confidentiality and integrity of confidential information.

The Canadian University of Ottowa says it does not screen China-affiliated researchers in federal grants. Whilst researchers are screened over potential affiliation to Russian, Chinese and Iranian institutions posing a potential threat, affiliation to talent programs like the Chinese Thousand Talents Program is still not standardised. Over $2 billion is granted yearly in research funding, potentially financing the expatriation of critical Canadian developments. A complex balance still needs to be struck between the desired openness of research ecosystems and the necessity of safeguards advancing knowledge security.

 

Take the Next Step in Insider Threat Mitigation

Concerned about insider threats within your organisation?

Book a meeting with our experts today to develop a tailored strategy that safeguards your organisation's integrity and intellectual property.