You've probably heard a few news stories about hackers who work for the Chinese government and steal intellectual property from US firms. And you've probably wondered whether or not you should take this threat seriously. Are China's hackers really after your clients’ data?
Last week, according to an article on MarketWatch, the U.S. government issued a warning, calling this threat a "significant concern." The Office of the US Trade Representative also listed Chile, India, Indonesia, Thailand, Turkey, Russia, and other countries as frequent burglars of ideas and intellectual property. For many countries, it's simply more efficient to steal intellectual property from US businesses than it is to spend their own time and money on R&D.
These hackers steal…
- Product information.
- Source code.
- Copyrighted material.
- Business plans.
This stolen IP can lead to a million-dollar lawsuit. For instance, when hackers steal IP that Chinese companies can use to make products for 50 percent cheaper, the burglarized U.S. company could sue its IT consultant for lost revenue and damages to the business.
But let's look at an example of how IP theft could affect a small business.
Small Business and IP Theft: How You Can Be Liable for Millions
You might be thinking that none of your clients have the kind of IP that Chinese hackers (or others) might try to pilfer. This might be true, but this mindset ignores the way a small IT consultant's liability is tied up with that of larger companies. Here's an example.
Say you consult for an HVAC company—you help it with its basic network security and IT infrastructure. These heating and air conditioning guys might not run a huge business, but they contract at an office space that houses a number of companies, including an oil and gas company that supplies software and consulting services for natural gas pipelines.
What you have is a chain of liability—and you're at one end. If hackers break into your HVAC client's network, they can often use your client's network access to hack anyone who works at the buildings they service.
If this sounds farfetched, it's not. In fact, this is precisely how hackers were able to break into Target's headquarters. First they hacked the HVAC company that had access to the building's network (because modern AC and heating is Internet-enabled). From there, they were able to install malware on Target's network.
And suddenly, an HVAC company is the root of the largest data breach in history.
IP Theft: An Overlooked Danger to Small Businesses
In our recent article "The Next Generation of Business Data Breach: IP Theft," we profiled how these breaches cause over $300 billion in losses each year to US businesses and pose a major threat to the overall health of the US economy.
While IP theft is a less-talked-about security threat, it's still an important one to consider. IT professionals are responsible for warning and protecting clients against all threats. Remember that you can be sued by clients if a breach on their network leads to a larger breach on one of their client's networks. Your liabilities are entwined with theirs.
To learn more about protecting your business from IP theft, data breach, and identity theft lawsuits, fill out our fifteen-minute online insurance application.