Free Checklist: CMMC Assessment Cheat Sheet for CUI
Download
CAD Security

Is your IP safe from China? The US Government doesn't think so.

An Economist article published in June 2024 claimed that China is actively targeting US SMEs for long-term sabotage and for financial gain through sustained IP theft. With China using previously undetected methods of ‘cyber warfare’, it’s increasingly important that US companies adopt Zero Trust protection for their most valuable IP data.

July 23, 2024
Is your IP safe from China? The US Government doesn't think so.

What is the “greatest transfer of wealth in history?” According to Keith Alexander, the former head of the US National Security Agency (NSA), it’s China's decades of stealing US intellectual property (IP). And there’s no sign of it slowing down.

An Economist article published in June 2024 claimed that China is actively targeting US SMEs for long-term sabotage and for financial gain through sustained IP theft. With China using previously undetected methods of ‘cyber warfare’, it’s increasingly important that US companies adopt Zero Trust protection for their most valuable IP data. 

The increasing threat to your intellectual property

The US economy loses $600 billion per year thanks to intellectual property theft, including counterfeiting, copyright infringement and trade secret theft. This has a particularly damaging impact on small and medium-sized businesses who lack the resources to combat IP theft and suffer most from its consequences. For example, a US company that produced software for wind turbines almost went out of business after a Chinese company stole its technology, leading to sales losses and hundreds of layoffs. 

But it’s these SMEs that are in China’s crosshairs. According to the Economist, Chinese hackers have compromised a ‘broad swathe’ of small and medium-sized companies in the US. From pipeline architects and telecoms providers to aerospace manufacturers and renewable energy engineers, China is particularly targeting US SMEs working in the critical infrastructure network - even when there seems little value in it. 

What’s more, the threat is getting harder to detect. ‘Stealthier’ methods beyond traditional malware, such as directing attacks through ordinary routers that appear legitimate, continue to be uncovered with one Chinese network alone reportedly using 60,000 compromised routers. Given recent cyber intrusions were only discovered by diligent Microsoft reporting, it’s likely these new methods are simply the tip of the iceberg. 

The US Government is aware of the threats

FBI Director Chrisopther Wray is unequivocal about China being the ‘defining threat of this generation’. During the 2024 Summit on Modern Conflict and Emerging Threats, Wray stated that “the People’s Republic of China is engaged in the largest and most sophisticated theft of intellectual property and expertise in the history of the world,” noting the Chinese government’s direct and indirect efforts to plunder IP and personal data across the US. 

The US Government has reacted in kind. The Department of Defense (DoD), for example, launched the CMMC 2.0 framework to protect its supply chain and safeguard sensitive national security information from increasingly common and complex cyberattacks. Now, all members of the Defense Industrial Base (DIB), be they prime contractors or subcontractors, must adhere to the CMMC 2.0 framework before Q1 2025 in order to work on DoD contracts. 

So the question remains: how can you protect your valuable IP data from an increasing threat? The answer: Zero Trust protection. 

Zero Trust for your most sensitive data

With increasingly widespread and complex cyber theft attempts, you need Zero Trust protection for all files that contain your IP. If you work in manufacturing, aerospace, engineering or much of the critical infrastructure that China is targeting, your CAD files are particularly vulnerable - especially when in transit or shared externally along the supply chain.

But with Zero Trust protection, it doesn’t matter if your CAD files are stolen by hackers - they’re still protected. 

How Secude’s HaloCAD embeds Zero Trust in CAD files

Secude’s HaloCAD extends Microsoft Purview Information Protection (MPIP) to your CAD files, protecting your IP and safeguarding your future. By applying MPIP authorization tags to CAD files at the point of creation, your CAD files are encrypted for their lifetime no matter if they travel outside your IT perimeter or fall into the wrong hands. You also have complete control over file access and can easily change authorization permission to enable seamless and secure collaboration with external partners. 

In addition, HaloCAD supports your CMMC 2.0 compliance. As part of the updated CMMC framework, DoD contractors with controlled unclassified information (CUI) must adhere to 110 NIST SP 800-171 assessment requirements - a big ask for resource-light SMEs. But Secude’s HaloCAD simplifies certification in almost two-thirds of the assessment families and one-third of the 110 assessment objectives for CUI. 

Protect your IP from future threats, today

The average data breach costs $4.5 million, but stolen CAD files can cost much more by putting your valuable IP on the line and endangering your company’s future. 

Given the increasing threat from China and the stricter security requirements from the US Government, safeguarding your IP from future attacks should be a leading priority for today, not tomorrow. 

As John Hultquist of Mandiant, one of Google’s cyber security companies, said to The Economist: “the reality is we have to fight the next cyber war now”. 

To find out more about Zero Trust protection for CAD files or CMMC compliance for CAD files, download our latest eBooks

Be Secure with Secude

Protect your data. Protect your brand.