FBI Agent Warns of Cyber Threats Faced by Researchers

By Ashley Serpa – Universities are the birthplaces of valuable intellectual property. This makes them a target for foreign entities, cautioned FBI Special Agent Nick Shenkin in his October 26, 2017 talk entitled "Counterintelligence: Economic Espionage, Theft of Trade Secrets, and Cyber Intrusions."

Special Agent Shenkin—hosted by UC Davis Information and Educational Technology in honor of National Cyber Security Awareness Month—offered valuable insights into cyber threats targeted at academia. For example, intelligence specialists estimate that roughly four percent of the U.S.’s GDP in intellectual property (IP) is stolen each year. Agricultural technology—a pillar of UC Davis research—is particularly sought-after because autocratic governments can appease their citizens by feeding them adequately, Shenkin explained.

While China and Russia are responsible for about eighty percent of cyber threats against the U.S., countries like Israel and Saudi Arabia are becoming more aggressive as their intelligence-gathering skills improve. Shenkin emphasized that no group of people is inherently prone to deceit or pernicious cyberattacks—more important are “a specific person’s vulnerabilities.”

Some individuals living in autocracies are forced by their government to gather intelligence on U.S. research. Others ask for information from colleagues abroad in good faith but are “subject to the whims” of their repressive governments. Consulate delegations, acting on behalf of the government to which they are loyal, often have at least one trained intelligence officer whose job it is to gather valuable information.

Manipulation and infiltration 

Most threats are not sophisticated. The methods used to gather information and steal IP are often as rudimentary as sticking USB flash drives in unattended computers or using email phishing schemes. Shenkin described an incident in which an intelligence officer attached to a foreign delegation walked through a parking lot dropping flash drives infected with a virus in the hopes that people would pick them up and use them. Other schemes are more elaborate. For example, research funds can be used to attract researchers who hope to advance their work, not realizing they are making themselves vulnerable to IP theft and possible foreign coercion.

Foreign governments also look to recruit people who can implement the stolen IP. In the last five years, Shenkin explained, there has been a spike in the recruitment of engineers, researchers, and software programmers. While some of these people have foreign ties that make them vulnerable—perhaps family living in an autocratic country—others are paid handsomely to funnel information to their “handlers.” And some do not even realize they are giving away IP.

Glenn Duffie Shriver, for example, was a student spending a year abroad in Shanghai. He was approached by a legitimate company, which overpaid him to write “white papers” about U.S. markets. Shriver wanted to work in government and the company was very supportive, encouraging him to apply to the CIA. During the CIA entrance exam, however, Shriver realized he was essentially being paid by a foreign government to infiltrate the U.S.’s primary intelligence agency—at which point he ‘confessed’.

Awareness and openness 

University personnel, researchers, and students are most vulnerable to coercion and cyber threats when they travel, where chance meetings and even parties can put them at risk. The FBI has numerous video clips from inside foreign hotels in which, while a given researcher is attending a conference or other event, intelligence officers can be seen searching their room for information.

Shenkin warned that the open, collaborative spirit of academia leads researchers to underestimate the potential dangers. That openness should, and must, continue, he said—greater awareness and more robust measures to secure IP needn’t turn an open intellectual community into a closed one. But openness must not be allowed to become vulnerability. 

Shenkin’s top tips for researchers? One, never use an unknown USB drive. Two, be aware of phishing schemes. Three, secure research before traveling abroad. Finally, contact the UC Davis Information Security office with any questions or concerns.