Industrial espionage is not a new phenomenon, but as information becomes ever more vital to companies and integral to their practices it is easy to see that the incentives are greater than ever.
A Scientific and Technical Options Assessment (STOA) report called Development of Surveillance Technology and Risk of Abuse of Economic Information presented to the European Union December 1999 concludes that: "Although it is very difficult to quantify the losses caused by industrial espionage... the losses incurred by European firms can reasonably be put at several billion euros per year."
John Young, owner of Cryptome.org, a Web site renowned for exposing details about covert government action, believes that details on commercial spying and compliance in Echelon may have been underestimated.
"[Echelon] is far from the only threat," says Young. "And just might be a lesser one than commercial 'Echelons' which have yet not been discovered and named as an octopus of many sucking tentacles."
Young suggests that surveillance technologies currently available to businesses are both highly evolved and readily available. "What has not been as well publicised is the array of technological measures that are coming into the commercial market for snooping on business competitors," he says.
"Coverage of Echelon has probably helped divert attention from commercial espionage, some of which is being performed by ex-intelligence persons who have set up companies to commercialise national security products and practices." He points to electromagnetic remote surveillance, covert analysis of users' online activities and backdoors into commercial applications as the main techniques that companies can exploit.
British computer security firm Firetrench confirms that it has been contacted by various companies to supply equipment for spying on commercial competitors.
Cases such as the notorious NSA Key found in Microsoft's Windows software and the password back door into the Shopping Cart e-commerce application show that certain commercial companies already think of fitting products with monitoring facilities as a matter of course.
"This happens a fair amount," says senior security architect with Information Risk Management, Richard Stagg, although he does not believe that there is necessarily anything sinister behind the practice.
"It's just companies trying to data warehouse, find out who is using their product and when," he adds.
Stagg does not, however, rule out the possibility that some companies could be in cahoots with government agencies: "From a theoretical point of view there are lots of reason why they would want to [work with government agencies]."
Young is more cynical, suggesting that the extent to which commercial bodies cooperate with government surveillance is widely underestimated. "With banks and the telecom corporations, throw in a few global media giants, you've got an Echelon-gigantus," he says.
