Targeting U.S. Technologies
East Asia and teh Pacific

Case Study

OVERVIEW

For the fifth consecutive year, the East Asia and the Pacific region retained its status as the home to the most prolific collectors of U.S. technology. Defense industry fiscal year 2008 (FY08) reporting revealed only minor variations from previous years in the types of technologies targeted and similarly the manner suspicious entities utilized to acquire them. Collectors of all persuasions continued to express keen interest in information systems technologies, specifically, those with dual-use applications involving command, control, communication, computers, intelligence, surveillance, and reconnaissance (C4ISR) capabilities.

Furthermore, there was little to no change in the collection method entities commonly employed. The direct request method of operation (MO) was, by far, the most prevalent technique of choice with collectors often brazenly requesting restricted technology. Interest in aeronautics continued to swell and was especially focused on technologies associated with unmanned aerial vehicles (UAVs).

The use of commercial entities to collect controlled information and technologies far outpaced any other collector category, further expanding its traditional dominance as the regional collection affiliation of choice. The continued decrease of reports from government or government affiliated entities collecting information and concomitant increase of reports emanating from commercial collectors reinforces the assessment that East Asian and Pacific collectors likely avoid traditional state-sponsored affiliates in an attempt to mask illicit intelligence activities.

COLLECTOR AFFILIATIONS

As discussed in the overview, the commercial category of collectors dominated FY08 reporting, more than doubling any other collector affiliation, a recurring theme noted over the last three years. The continued rise of the commercial collector affiliation and the corresponding downward trajectory in the number of government or government affiliated suspicious contact reports (SCRs), reiterated a growing reliance on collection methods that mask state-sponsored interest. Furthermore, SCRs indicated regional entities continued to exploit non-traditional collectors, like graduate and post-graduate students applying for positions in United States defense industry, as a guise to acquire sensitive technologies.

Analyst Comment: While the growing global marketplace and ease of Internet connectivity may be partially responsible for the increase in commercial collections, analysis of the SCRs and the corresponding decrease in the numbers of government or government affiliated collection attempts suggests it is likely that foreign intelligence agencies are successfully exploiting the commercial sector as their typically less alarming collection surrogates. (Confidence Level: Moderate)

The second most prolific regional affiliation in FY08 was the unknown affiliate; responsible for 20 percent of the East Asia and Pacific collection attempts. The lack of information in some direct requests or email solicitations makes it extremely difficult to determine if a government or commercial affiliation likely exists. In many cases, the only information the entity provided in a predominantly Internet-based request was an IP address that may or may not be related to the sender’s region of origin.

Analyst Comment: The popularity of the “unknown” affiliation is likely derived from mass emailing ventures, a cost-effective measure to maximize the collector’s return on requests for restricted or controlled technology. (Confidence Level: Moderate)

Affiliations

METHODS OF OPERATION

The direct request MO retained its top position as the favored MO for FY08, with just over half of all such requests relying on email and web-card submissions to request information and purchase technology. Also, the use of foreign visits and targeting as a collection method fell from the third most common MO in FY07 to fourth most prevalent in FY08.

Not to be overlooked, suspicious Internet activity continued to maintain its ranking as the second most preferred method, frequently involving confirmed intrusions of unclassified cleared defense contractor (CDC) computer systems. When compared against all regions, East Asia and the Pacific dominated as the most prolific in suspicious Internet activity. Collectors relied heavily on network obfuscation techniques to mask their locations and respective identities. Readily available information relating to various export-controlled technologies, programs, and personnel continued to assist in targeting those would-be victims. Analyst Comment: Requests for information and price quotes via email is the preferred MO to target United States technologies. This collection technique underscores the “low-risk, high-gain” efficiency associated with the direct request MO. Sending multiple requests for the same information to different individuals on a CDC network maximizes the available opportunities for the collectors to gain the information they seek. Additionally, the abundance of personnel and technical information contained within CDC websites, as well as the growing use of social networking sites, gives a likely targeting advantage to East Asia and the Pacific cyber actors exploiting the Internet. (Confidence Level: Moderate)

Methods of Operation

TARGETED TECHNOLOGIES

During FY08, collectors in the East Asia and Pacific region showed significant interest in information systems technologies, often requesting data and hardware associated with battlefield management and simulation systems. The nature of specific inquires largely replicated FY07 reporting, indicating C4ISR technologies were, and still are, in high demand. The aeronautics category represented the second strongest concentration of interest, most notably in inquiries related to UAV technologies. Closely following aeronautics technology, collectors requested marine systems and positioning, navigation, and time technologies information, with a keen interest in autonomous underwater vehicles and global positioning system simulators. Additionally, the armaments and energetic materials technology category continued to decline in the hierarchy of requested technologies, accounting for only four percent, down from the fifth most targeted technology in FY07.

Analyst Comment: Analysis of FY08 industry reporting reinforces previous assessments that interest in information systems-related technologies is most likely attributable to collectors focusing on research and development shortcomings with the goal of modernizing aging military C4ISR assets. (Confidence Level: High)

Targeted Technologies

ANALYTICAL FORECAST

Consistencies in FY07 and FY08 reporting indicate entities in the East Asia and Pacific region are highly likely to continue focusing on the acquisition of dual-use technologies to advance internal capabilities, especially as it applies to C4ISR. Also, the ploy of using commercial or academic sector requests to circumvent import/export restrictions will likely continue as an attractive option to mask state-sponsored collection activities. Exploitation of joint agreements and legitimate purchases, executed for legal applications, will continue to enable illicit acquisition of dual-use technologies intended for restricted applications. Additionally, key regional collectors will likely continue to place their collection emphasis on the aeronautics industry, most probably in an attempt to acquire access to advanced UAV technologies. (Confidence Level: High)

Back to Top