My latest Ellie Foreman book, Jump Cut, came out in March, 2016. Rather than talk about the book, I chatted to FBI Counter-Intelligence Deputy Director Robert Jones on the March edition of Second Sunday Crime. He’s been with FBI for 20 years, worked anti-terrorism, and is now with the counter terrorism division. He’s been in and out of Iraq over the years, became a Unit Chief, and now works in the upper tier of the FBI. In fact, our conversation was so fascinating, I’m going to break it up into three parts. This is Part 1.
When I asked him what he wanted to be when he grew up, he answered he still isn’t quite sure. As a young man, he knew he wanted to serve his country. As a Marine infantryman he had no idea he’d end up working with the FBI. There is an unwritten rule that every Marine is expected to recruit another into the bureau (that’s how he came to them), and he has brought several Marines into the organization over the years.
Why counter-intelligence? It isn’t unusual for people to become more generalists as they grow; it’s beneficial to the organization since there’s overlap—the same techniques with slight variations are used across all sorts of disciplines. For example there are similarities between the way the FBI handles corporate and economic espionage and terrorism, which in turn follow some of the same steps as robbery and kidnapping.
The largest threat to private industry today is economic espionage and the theft of trade secrets. American companies invest time and money in research and development before a product makes it to market, for example spending vast amounts of money developing a new drug. Foreign adversaries with competing interests can either do their own R&D and compete legally, or steal that technology and bring a product to market fast without spending their own funds. This kind of thing costs US businesses hundreds of millions of dollars every year. Btw, that’s what happens in Jump Cut.
At what point does FBI get involved? The sooner the better. As soon as a company knows something nefarious is happening, the faster the FBI gets involved, the better the chance of success. How might a company be aware of theft? It depends on the company. The FBI has an Insider Threat Program, which reveals typical indicators. Some thefts involve a trusted insider, and a handful of common denominators drive them to betray. They might have been passed over for promotion, they might start showing up late, logging into the company system in the wee hours, or using it for personal reasons. The company’s own internal processes often provide clues. Sometimes it’s money, where an employee is in financial distress. The sources of trouble are most often foreign rather than domestic, and China is currently one of the biggest offenders.
How can a rogue company, domestic or foreign, penetrate a corporation? Although we talk mostly about hackers these days, that’s not the only way. Espionage can include foreign companies that want to set in place joint ventures, or visiting delegations from overseas. Sometimes there are outright bribes. Conferences can be a vulnerable point.
If a company has evidence of a breach, how would FBI proceed? In a computer intrusion, the FBI would pinpoint how the intrusion took place, helped by the FBI’s Cyber Division, then pin down the attribution – who did it. Is it an entity from an at-risk foreign power like China or Iran? Is it a competitive partner from a different state? Once they know that, the FBI checks who works on the product, then they look for the signs and symptoms of a suspected insider – who has access to the data, who has been passed over for promotion, who has financial issues, all these logical questions help the agency identify the perpetrator.
Do some companies prefer to do that kind of investigation themselves? Most companies have internal security processes and procedures, but they can’t investigate to the depth the FBI can. They can do homework for the FBI, and there’s close liaison. In fact, the FBI runs a number of popular outreach programs to get in front or organizations who commonly experience economic espionage. Their Business Alliance Program, for example, has 15,000 members, and the National Secure Business Alliance Council includes reps from 30 very large companies. They do the same with academia, talking to colleges via the National Security Education Advisory.
Questions? Let me hear them. Part 2 will be posted later this week.