From drones to deepfakes: How businesses can defend themselves

Take a moment to appreciate the efforts of the English soccer team Southampton F.C. in its attempt to gain a competitive advantage. Vying for promotion into the Premier League (and the huge financial payoff, let alone glamor, that comes with it), the club was caught spying on its opponent, Middlesbrough F.C, ahead of a critical playoff match that would determine both clubs' fates.

Did Southampton use sophisticated spyware to infiltrate IT systems? Drones, perhaps, to fly over the opponent's training ground? It wasn't quite as James Bond-esque as that, with the club reportedly sending a young staffer to the training ground to capture footage with their iPhone while hiding behind a tree.

Corporate espionage in 2026 takes many forms. There are some organizations, like Southampton, that rely on, say, more traditional methods. But staying abreast of the modern means of corporate espionage is a tall order that all businesses, no matter how large and in what sector they find themselves in, must sadly contend with.

In the modern age, businesses must not only deal with physical intrusion but a range of threats, including social engineering, drones, artificial intelligence (AI), and network infiltration, among others. But, with so much to contend with, how can businesses deal with this invisible threat?

Latest Videos From

Watch full video here:

The meaning of corporate espionage

Let's be frank – corporate espionage has been a fixture as long as private enterprise has existed. The idea of spying on one's neighbor to gain a competitive advantage may well be traced back to the birth of nations, and it's a practice that quickly transitioned into the professional world.

"Corporate espionage is the attempt to access and steal trade secrets and or information that has economic value. Usually around technology, but it can also be targeted at policy and strategy," Clark Frogley, global head of fraud at data analytics company Quantexa, tells ITPro. Frogley was a former FBI financial crime investigator with first-hand experience dealing with corporate espionage.

"Economic espionage is conducted by either a competitor of the target in any market or country, or by a state actor sanctioned by a foreign government. It is far cheaper for a country to steal trade secrets than invest in R & R & R&D and try to build it."

That point is crucial – it's often quicker to steal ideas than generate them from scratch, or indeed take the time to build something. The "goods" that might be under threat include trade secrets, product road maps, pricing strategy, source code, customer lists, M&A plans, manufacturing processes, or sensitive research, says Bastille Networks CTO Brett Walkenhorst. And who might benefit from committing such crimes? Some, he tells ITPro, are direct competitors, or third parties acting on their behalf. But in high-value sectors, like energy, semiconductors, AI or pharmaceuticals, you may find nation states taking an interest in infiltrating your organization's walls.

Corporate espionage "success stories"

Corporate espionage has a long history. Some of the most infamous cases center around Nvidia, Coca-Cola, and Rivian, says Greg Newman, chief of staff at HiveWatch, an AI physical security platform.

Newman, who is a former law enforcement operative with the U.S. Department of State's Diplomatic Security Service, tells ITPro that targets are generally picked based on what their impact is on their vertical, their country, or their significance in the world.

• Hitachi (1983): Two employees pleaded guilty to conspiracy to steal confidential information from IBM and transport it to Japan.
• Rivian (2020): Tesla sued electric vehicle rival Rivian for poaching employees and allegedly encouraging them to steal proprietary information about Tesla's "next-generation" battery technology.
• Coca-Cola (2021): A former employee was convicted of stealing, or attempting to steal, trade secrets regarding bisphenol-A (BPA) chemical formulas in food packaging, which was then sold to rivals.
• Nvidia (2023): A software developer was convicted in Germany for stealing trade secrets from Valeo Schalter und Sensoren to develop parking-assistance software, with this data allegedly used by the GPU-making titan Nvidia.

How have espionage threats evolved?

"The playbook was fairly consistent for decades," Frogley explains. "Computer hacking was always a core method. Beyond that, you had insider plants — people working inside the target organization, photographing documents, copying and emailing files, or physically carrying home sensitive blueprints and customer lists."

Long-term operations, mostly run by state-sponsored actors with the deep resources and patience to invest in such schemes, revolved around finding somebody on the inside susceptible to greed or blackmail, he added. Walkenhorst adds that, in the 2020s, corporate espionage techniques centered on access and social engineering for the most part.

"Attackers used phishing, business email compromise, stolen credentials, credential stuffing, MFA fatigue, malicious OAuth applications, and compromised collaboration tools to get inside organizations. Supply chain compromise also became more common, with attackers targeting vendors, contractors, MSPs, and software providers to reach the intended victim."

The breadth of threats that businesses face in today's corporate climate is far-reaching and terrifying; certainly, listing them would be exhaustive to the extent it may be wiser to ask what isn't a possible entry point. But is there a way to summarize the evolving nature of these threats?

"The biggest shift is that espionage is becoming faster, more automated, and more blended across cyber, physical, and wireless domains," says Walkenhorst.

"AI is the obvious accelerant. It improves the quality and scale of phishing, impersonation, reconnaissance, and social engineering. Attackers can generate better lures, mimic executives, automate research on targets, and tailor campaigns to specific employees or business events."

What impact is AI having on corporate espionage?

AI is the elephant in the room. Indeed, today it feels as if it's the elephant in every room. But as far as corporate espionage goes, you can't ignore its influence.

In November 2025, Anthropic researchers claimed they detected China-linked cybercriminals using agentic AI to execute cyberattacks to infiltrate roughly 30 global targets — succeeding in a small number of cases.

The operation targeted big tech, financial firms, chemical manufacturing companies, and government agencies. But AI goes beyond manipulating tools like Claude Code — it brings notions of identity into question.

"AI allows for people to believably transform their appearances, language, mannerisms, and how they interact with a target," Newman explains. "Social media interactions have become the new 'meeting somebody at a conference, and they’re asking a lot of specific questions about our work'."

The principles remain the same, but technology brings evolution. Newman continues: "Sophisticated phishing campaigns have replaced dropping a bunch of USB sticks in the parking lot and hoping somebody will plug one in at work to helpfully return it to its owner. And instead of sneaking in a Cold-War-era Minox camera to photograph documents, or using a smartphone, cloud infrastructure has made exfiltrating data (and conversely, monitoring and catching this) much easier."

Drones are a new avenue for attack

One entirely new medium is corporate espionage via drones. Over the last few years, drones have become cheaper, better, and more widely available. In recent years, we have seen waves of drones hovering over various highly sensitive U.S. military sites, including Langley Air Force Base in Virginia in 2023, as well as the Wright-Patterson Air Force Base in Ohio, and many other locations.

"They could be doing anything, from surveilling critical infrastructure, just to the point of embarrassing us from the fact that they can do this on a day-to-day basis, and then we’re not able to do anything about it," said Glen VanHerck, former joint commander of North American Aerospace Defense Command and U.S. Northern Command, in an interview with 60 Minutes on CBS in 2025.

Your organization doesn't need to be a highly sensitive military-adjacent one to be vulnerable to this threat, however. Drones can be used as a surveillance tool — whether to view sites from a high vantage point or even microdrones (much smaller than the devices we see today), one day able to infiltrate much tighter spaces and pass seamlessly through corridors and between unsuspecting employees like an insect.

Today, however, drones are certainly capable of proximity-based network hacks, including nearest neighbor attacks, in which intrusion relies on compromising unsecured networks adjacent to the target to intercept data or introduce malicious code into a system.

Walkenhorst focuses on wireless visibility as a "sleeper issue", given businesses operate in dense radiofrequency environments, with Wi-Fi, Bluetooth, BLE, Zigbee, LTE, 5G and other protocols constantly blasting in all kinds of directions at all times. He says there's a growing visibility gap that would-be corporate spies are eager to exploit.

"That matters because a malicious device can be small, inexpensive, and easy to hide. It can use cellular to bypass the corporate network altogether, or use Bluetooth, Wi-Fi, or other wireless protocols to interact with nearby systems. It can be placed by an insider, a contractor, a visitor, or, in some scenarios, delivered or supported by a drone. If the sec

Safeguarding against modern espionage

With such a wide-reaching palette of threats, where do organizations start? For partner at Hogan Levells, Nathan Salminen, the answer to solving today's problems may lie in the answers of yesterday. "In the era of AI-powered cyber threats, many companies are beginning to shift back to some of the older cybersecurity strategies," he says.

"During the 1990s, most software was relatively easy to exploit. Companies combated that threat by taking fairly draconian steps like physically segmenting networks, limiting certain capabilities to personnel who were onsite, using whitelisting rather than blacklisting, and strictly ratcheting down access rights.

"Those safeguards have all slowly been swept away because they are inconvenient, but now we are on the brink of an era where AI makes most software once again relatively easy to exploit, and companies are starting to weigh security more heavily against convenience."

Frogley adds that all organizations must first understand they could be a potential target. "Technology today can help identify the use of synthetic identities or hacking attempts, and flag employees who go beyond the scope of their employment and access files or physical locations they should not," he says, adding that strong employee training programs are needed for anybody dealing in significant and competitive technology. Education, he explains, can be effective — including briefings before staff travel abroad and debriefings after they return.

Walkenhorst agrees, saying businesses should start treating corporate espionage as a business risk rather than just an IT issue — with the first step being to identify what information would be the most damaging if stolen, then building security controls around that information.

Another recommendation is to implement a strict information classification system to identify how to handle information and technology; this should encompass who has access, for how long, and what can be shared, as well as how to mark everything with proper handling classification.

Newman, meanwhile, advises that organizations invest in building a function-specific threat team, with the "spirit animal" of this being threat awareness, training, detection, and mitigation as primary functions.

"This means," he says, "that there’s a focus on awareness and training for employees who travel about what they might encounter; that phishing campaigns and alerts from a DLP tool are being reported to somebody other than an IT helpdesk, and that a more advanced company may have a full insider threat program proactively looking at indicators of intrusions, employees, and risk."

High-impact companies have always been targeted by rivals or foreign adversaries, but the threat and nature of the infiltration may have evolved. Ultimately, as far as the targets go, as Frogley puts it: "It hasn't changed that much; the companies might have changed, but it will always be a leading-edge company in critical sectors."

"I am sure Elon Musk’s Tesla was a big target as EVs became more in demand and popular. The car design is a target, but so is the battery technology and camera technology, self-driving code, et cetera. The industries evolve, but the logic behind who gets targeted stays remarkably consistent."

Whether you're a leading-edge EV and battery maker — or a plucky soccer team heading for the big leagues — corporate espionage continues to be a very real threat in the 21st century, and businesses should ensure they remain on top of the modern permutations of infiltration, be it drones conducting a nearest neighbor attack or somebody filming your sensitive operations from behind a tree.