Increased connectivity has made us all more vulnerable. Cyberspace, besides all its benefits, spawned more devices to hack and more opportunities to commit cybercrime. Criminals have found it lucrative to target both individuals and businesses, by holding or stealing their assets via different types of cyber attacks. The cyber-enabled theft of Intellectual Property (IP), as one of the most important and critical intangible assets of nations, organizations and individuals, by foreign countries has been a devastating challenge of the United States (U.S.) in the past decades. In this study, we conduct a socio-technical root cause analysis to investigate one of the recent cases of IP theft by employing a holistic approach. It concludes with a list of root causes and some corrective actions to stop the impact and prevent the recurrence of the problem in the future. Building upon the findings of this study, the U.S. requires a detailed revision of IP strategies bringing the whole socio-technical regulatory system into focus and strengthen IP rights protection considering China's indigenous innovation policies. It is critical that businesses and other organizations take steps to reduce their exposure to cyber attacks. It is particularly important to train employees on how to spot potential threats, and to institute policies that encourage workers to report potential security failures so that action can be taken quickly. Finally, we discuss how cyber ranges can provide an efficient and safe platform for dealing with such challenges. The results of this study can be expanded to other countries in order to protect their IP rights and deter or prevent and respond to future incidents.
翻译:网络空间除了带来各种好处外,还带来了更多的黑客手段和更多的网络犯罪机会。犯罪分子发现,通过持有或盗窃个人和企业资产,通过不同种类的网络袭击,以个人和企业为对象,从而有利可图。外国的网络支持盗窃知识产权是国家、组织和个人最重要的和至关重要的无形资产之一。外国的网络支持盗窃是过去几十年美国面临的一项毁灭性挑战。在这项研究中,我们进行了社会技术根源分析,以调查最近发生的IP盗窃案件之一,采用整体方法。最后,犯罪分子发现了一系列根源和一些纠正行动,以阻止影响和防止今后这一问题再次发生。根据这项研究的结果,美国需要对知识产权战略进行详细修订,使整个社会技术监管系统成为重点,加强知识产权保护,同时考虑到中国的本地创新政策。企业和其他组织必须采取步骤,减少对网络袭击的曝光。尤其重要的是,培训雇员如何发现潜在的威胁,并开展一些纠正行动,防止未来问题再次发生。最后,美国需要根据这一研究结果,详细修订知识产权战略,使整个社会技术监管系统成为重点,加强知识产权保护。企业和其他组织能够采取措施,减少对互联网袭击的曝光。在其他国家开展保护。尤其重要的是,培训雇员如何发现如何发现潜在威胁,并且制定政策,并制止未来处理风险。最后,我们如何在网络平台上采取行动。