Trust No One

Spring 2013

Trust No One
tcbrPDF normal

Understanding the price of business intelligence—and counterintelligence.

By J.C. Carleson

Trust No One

J.C. Carleson was an undercover CIA officer for eight years. Adapted from Work Like a Spy: Business Tips From a Former CIA Officer (Portfolio/Penguin). ©J.C. Carleson, 2013.

The hotel bar had been crowded with trade-show attendees all evening, but it was getting late and only a few stragglers remained. A man in a disheveled suit was nearing the bottom of his glass when a woman sat down on the barstool next to his. She wearily hoisted a heavy canvas bag emblazoned with the trade-show logo onto the empty seat on her other side. She glanced at the lone man’s name tag briefly and then pointed to her own, indicating that they were both attending the same event. “So,” she asked, “are you celebrating or drown­ing your sorrows? It seems like a pretty tough sell out there this year.”

In fact, the man had been having terrible luck lately with sales, and with several strong drinks already in his system, he didn’t mind telling the stranger in the business suit that he was getting fed up with his current line of work. When she told him that she knew of a possible job opening for someone with his background, the man perked up and shifted immediately into interview mode. Eager to impress a woman who might be able to help him get a more lucrative position, he bragged at great length about both his current position and his previous experience working as a technician in a government laboratory in his home country. He might have embellished his track record slightly, but the woman seemed impressed, and she insisted on buying the next few rounds of drinks.

If you think that you can safely skip this article because your job doesn't give you access to “secrets,” think again, since the very definition—and value—of secret information is constantly changing.

The woman in the business suit was me. The man was a target I had been studying and watching from afar for quite some time. When I finally found him sitting in the bar without any of his colleagues or fellow countrymen, and with his tongue already loosened by a few drinks, I knew that I had a golden opportunity. In his heavy accent, the man told me everything I needed to know about his background, including some compromising details about the research being conducted in the highly classified laboratory where he used to work. For the price of a few drinks and the hint of a job opportunity, the conference attendee provided me with information of great value to the U.S. government.

Most of us would like to believe that we wouldn’t be such easy prey. Before you scorn the man for being an easy target, though, put yourself in his situation. Imagine yourself constantly on the road, traveling from trade show to client site to corporate retreat and back again. You spend your days in airports and your nights in hotels that have all started to look the same. You live out of a suitcase and rarely see your friends or family. When a well-dressed stranger with whom you clearly have business in common strikes up a friendly, benign conversation, wouldn’t you welcome the opportunity to chat? The man wasn’t necessarily an easy target—he was just a typical lonely business traveler. I’m quite sure that he had no idea whatsoever that the information he was providing was compromising or valuable.

If you had been in his place, would you have recognized the situation for what it was? It’s doubtful. And if not, how do you enhance your sense of personal and business counterintelligence? You need to protect yourself and your organization in a competitive business climate in which private citizens are increasingly facing some of the same threats that CIA officers have been dealing with for years.

The key to business counterintelligence is to avoid ever falling victim to information thieves who may target you without your even knowing it. If you think that you can safely skip this article because your job doesn’t give you access to “secrets,” think again, since the very definition—and value—of secret information is constantly changing.

When the Cold War ended, the prevailing currency of the spy game changed. State secrets were devalued by the new openness of glasnost and the improvement of diplomatic relations between for­mer enemies. Within the private sector, on the other hand, the value of trade secrets skyrocketed as the concept of a worldwide economy grew, and technology made the world suddenly seem to become a much smaller place. The post–Cold War changes in the global political economy turned the spy world on its head. Suddenly there was less need for clandestine officers within the traditional political arenas, and more need for them in the business world. Spies, being an entrepreneurial bunch by nature, embraced the shift.trust3

With these changes, however, the predictability of espionage decreased. Whereas it was once fairly obvious what the KGB was after, for example, and just how far they would go to get it, suddenly a whole new target set emerged. Traveling business executives began to suspect that someone had been in their hotel rooms while they were out. Sales reps at highly specialized trade shows suddenly became very popular, and found themselves on the receiving end of numerous invitations to socialize. Business travelers in certain parts of the world were surprised by late-night knocks on their hotel room doors from attractive, scantily clad women claiming an overwhelming desire to “practice English.” Those who gave in to temptation often discovered their pockets a little lighter the next morning. Briefcases and laptops were stolen with alarming frequency. American engineers of Chinese heritage were approached by Chinese officials who made aggressive pitches for sensitive information focused on ethnic and cultural loyalty. Spy tactics had trickled into the business world, and many executives were caught unawares.

It didn’t take long for the rules and parameters of espionage to change forever.

State secrets are no longer the goal of choice for entrepreneurial spies; the spy game has now shifted toward private industry. The reason is simple: money. In fact, the FBI now estimates that losses stemming from industrial espionage are in the billions of dollars annually. Billions! It’s no surprise, considering just how many ways—both legal and illegal—there are to obtain sensitive data from a company. To name just a few:

  • Public record searches
  • Dumpster diving
  • Electronic surveillance
  • Reverse engineering
  • Computer theft
  • Soliciting information from unwitting employees at industry eventstrust5
  • Planting of “mole” employees within a company
  • Interviews with former employees
  • Computer network intrusions
  • Press articles
  • Analysis of a company’s Web traffic
  • Regulatory rulings obtained via Freedom of Information Act requests
  • Patent reviews
  • Creating mirror websites or phishing portals from a company’s website
  • Identity theft
  • Fake job applicants
  • Analysis of employee travel patterns
  • Information obtained from consultants or contractors eager to share “success stories”
  • Theft by disgruntled employees
  • Internet worms
  • Data confiscated by foreign officials during overseas travel
  • Hiring away of key employees

From the mundane (data mining) to the sensational (blackmail), there are countless ways for your competitors to obtain information that you would rather not share, and then use it to their advantage. Business counterintelligence refers to efforts to identify and thwart such damaging corporate espionage.

Share

From
The Conference Board

From the Archives

The Conference Board Review is the quarterly magazine of The Conference Board, the world's preeminent business membership and research organization. Founded in 1976, TCB Review is a magazine of ideas and opinion that raises tough questions about leading-edge issues at the intersection of business and society.