Unsolicited Direct Requests

Direct, unsolicited requests for information are the most frequently reported foreign collection activity. Most such requested are directed to defense industry, but they are also received by the military and other government agencies. The requests may be faxed, mailed, e-mailed, or communicated by phone or in person. The request may be for information or be an inquiry about purchase. This procedure is so popular because it is low cost, low risk, and often works. It is not unusual for one or more middlemen to send out multiple requests for specific information or a specific technology, hoping to find one one person willing to respond in a positive manner.1

Various ploys are used to increase the likelihood of an initial response. For example:

  • The request is sent to individuals with the same national, ethnic, religious, or other background as the requestor.
  • The requestor claims to be a student requesting help with a thesis.
  • The requestor asks for a copy of a trade journal article authored by the recipient of the request. If the recipient responds, the requestor follows up with detailed questions about the subject of the article.

There are many potential indicators that an unsolicited request may be suspicious. One of the more common is that the request is directed to an individual employee by name, rather than to the corporate marketing department. There are two reasons to use this technique. First, individuals are more likely to be unaware or forget about company or organizational policy in responding to such requests. Second, the purpose may not be to actually collect information. The purpose may be a preliminary screening to identify those who are willing to be helpful by responding to such a request. The few who respond may then be targeted and assessed further by other means.

Many companies label an unsolicited request as suspicious whenever the information requested is on the Militarily Critical Technology List, is covered under the International Traffic in Arms Regulations (ITAR), or would require a license for export. Other indicators are:

  • The request comes from a foreign country, especially a country subject to U.S. export controls.
     
  • The requestor is ostensibly a student or consultant or is otherwise vague about what organization is behind the request or how the information will be used. Insinuates that the identify of the third party he works for is "classified."
     
  • Requestor admits the information could not be obtained elsewhere because it is classified or controlled, or advises to disregard the request if it is classified or subject to export controls.

The success of direct requests depends largely on three factors: 2

  • The knowledge of US organizations regarding export laws. When diversion of US technology is discovered following a direct request by a foreign entity, a common argument used to mitigate punishment for the transfer is that the US supplier was unaware that the item was controlled or was a trade secret.
     
  • The willingness of US organizations to carry out due diligence on the foreign buyer. In some cases, direct requests are placed through organizations whose names provide no indication of the foreign nature of the requestor. If, in addition, the person attempting the acquisition does not state that the item is to be exported, the US seller may feel no need to make a more concerted effort to learn about the final destination of the product.
     
  • The honesty of the US seller. In a number of cases over the past few years, the seller has simply chosen to ignore clear indications that the item was to be transferred overseas. Indeed, many US firms—eager to make a sale—have been complicit in efforts to disguise either the type of equipment being exported or the end-user destination

Recipients of such requests should find out as much information as possible about who the requestor represents and why the requestor wants the information. Advise your security officer and marketing or public relations office of any suspicious requests. Do not respond to any unsolicited request without prior approval from your supervisor or security officer.

Reference
1. Defense Security Service, Suspicious Indicators and Security Countermeasures for Foreign Collection Activities Against the U.S. Defense Industry, 2003. Accessed via Internet at www.dss.mil/seclib/index.htm, Dec. 8, 2004.
2. This section copied from National Counterintelligence Executive, Annual Report to Congress on Foreign Economic Collection and Industrial Espionage - 2004. Accessed via Internet at www.nacic.gov/publications/index.html, June 20, 2005.

 

HOME   |   METHODS OF OPERATION CONTENTS   |   TOP OF PAGE   |   HELP

INFORMATIONCONDUCT | THREATS | TECH VULNERABILITYASSISTANCE
SPY STORIES | TREASON 101