RATs, TRAPs, and Trade Secrets

Technology has facilitated both the amount of trade secrets that are now stored electronically, and the rise of cyber intrusions. Together, this has created a storm perfectly ripe for economic espionage. Cases involving unknown or anonymous offenders who may not be in the United States and who steal trade secrets using remote access tools (“RATs”) are especially problematic. This Article is the first to address and place trade secret misappropriation within the larger backdrop of cybersecurity. First, it argues that systemic issues related to technology will continue to make legislative and judicial solutions suboptimal for cyber misappropriation. Second, it explores how the rhetoric of war has infiltrated the national discourse on cybersecurity and cyber misappropriation. Third, the Article introduces and coins the acronym TRAP. Standing for “technologically responsive active protection,” TRAP serves as a guiding principle to further refine the reasonable efforts requirement for the protection of trade secrets. The Article also critically examines such active defense counterstrike techniques as hacking back and the controversy surrounding this potential strategy

RATs, TRAPs, and Trade Secrets

Technology has facilitated both the amount of trade secrets that are now stored electronically, and the rise of cyber intrusions. Together, this has created a storm perfectly ripe for economic espionage. Cases involving unknown or anonymous offenders who may not be in the United States and who steal trade secrets using remote access tools (“RATs”) are especially problematic. This Art-icle is the first to address and place trade secret misappropriation within the larger backdrop of cybersecurity. First, it argues that systemic issues related to technology will continue to make legislative and judicial solutions suboptimal for cyber misappropriation. Second, it explores how the rhetoric of war has infiltrated the national discourse on cybersecurity and cyber misappropriation. Third, the Article introduces and coins the acronym TRAP. Standing for “technologically responsive active protection,” TRAP serves as a guiding principle to further refine the reasonable efforts requirement for the protection of trade secrets. The Article also critically examines such active defense counterstrike techniques as hacking back and the controversy surrounding this potential strategy

The Federal Information Security Management Act of 2002: A Potemkin Village

Due to the daunting possibilities of cyberwarfare, and the ease with which cyberattacks may be conducted, the United Nations has warned that the next world war could be initiated through worldwide cyberattacks between countries. In response to the growing threat of cyberwarfare and the increasing importance of information security, Congress passed the Federal Information Security Management Act of 2002 (FISMA). FISMA recognizes the importance of information security to the national economic and security interests of the United States. However, this Note argues that FISMA has failed to significantly bolster information security, primarily because FISMA treats information security as a technological problem and not an economic problem. This Note analyzes existing proposals to incentivize heightened software quality assurance, and proposes a new solution designed to strengthen federal information security in light of the failings of FISMA and the trappings of Congress’s 2001 amendment to the Computer Fraud and Abuse Act

UNITING U.S. AGENCIES TO FIGHT THE ILLICIT USE OF CRYPTOCURRENCY

In 2022, the Biden administration published an executive order in which the growing use of digital assets was deemed a national security threat. While this thesis focuses on cryptocurrency, it is more broadly about how the United States can—and should—employ a whole-of-government approach to counter a continuously evolving and adapting threat environment. This thesis begins by examining several assumptions regarding malign actors’ adaptations, the adoption and use of emerging technologies by these actors, and strategies for the United States in applying its instruments of power to combat these developments. The research assumes that many adversarial entities engage in multiple activities, such as terrorism, insurgency, and criminality; as these organizations form new alliances, they are also developing new evasion techniques; and this increasingly amorphous threatscape, defined by new malign alliances and technological tools, will require the United States to utilize the entire homeland security enterprise, from the Department of Defense to law enforcement, to confront these actors. This thesis utilizes these assumptions as a foundation to construct an informed policy options analysis that puts forth potential, long-term frameworks to counter this growing diversity of threat actors and their use of increasingly technical and sophisticated tools of evasion.Civilian, Department of Homeland SecurityApproved for public release. Distribution is unlimited

Occupational Fraud: A Survey

This paper examines the issue of occupation fraud in today’s corporations. It provides an overview of the types of occupational fraud and how they usually occur. This paper also explains the attributes of the typical fraudster and describes warning signs that management should look out for in their company. It analyzes the regulations and polices put into place to combat the growing issue of fraud. It also provides a look at cyber-fraud, which is an increasing problem due to society’s reliance on technology. It explains why fraud prevention is so important in corporations, whether small or large, and emphasizes the problems that occur when fraud is left undetected. This paper also provides an overview of the assurance opportunities relating to fraud and details a proposal for the implementation of a fraud prevention plan. Overall, it allows readers to gain a general understanding of all of the important aspects of occupational fraud