Feeds

US defence biz fined for busting China arms embargo

No need for cyber-spying - just buy the damn software

Combat fraud and increase customer satisfaction

A top US defence contractor has been fined $75m (£47.8m) for flogging software to China that was a vital component in the country's first attack helicopter.

United Technologies and its two subsidiaries Pratt & Whitney Canada (PWC) and Hamilton Sundstrand 'fessed up to more than 500 violations of export restrictions in a federal court at the tail end of last week.

The headline grabber, however, involves the engine control software without which China could not have completed development of its Z-10 attack chopper – a battlefield-ready beast capable of carrying 30mm cannons, anti-tank guided missiles, air-to-air missiles and unguided rockets.

According to US Immigration and Customs Enforcement (ICE), which carried out the investigation, PWC turned a blind eye to the potential military use of the software in hope of securing a lucrative contract for civilian choppers from China - a $2bn deal that never appeared.

PWC had previously sold the Asian nation ten commercial development engines that did not require export licenses. However, the biz then wilfully followed that up with electronic engine control software made by Hamilton Sundstrand and modified it for use in a military helicopter, ICE said.

The export of “defence articles and associated technical data” has been banned by the US since the 1989 Tiananmen Square massacre.

The companies did themselves no favours by failing to disclose the illegal exports for several years and then making numerous false statements to the US State Department.

"PWC exported controlled US technology to China, knowing it would be used in the development of a military attack helicopter in violation of the US arms embargo with China," said US Attorney David Fein.

"PWC took what it described internally as a ‘calculated risk', because it wanted to become the exclusive supplier for a civil helicopter market in China with projected revenues of up to $2 billion. Several years after the violations were known, UTC, HSC and PWC disclosed the violations to the government and made false statements in doing so.”

United Technologies CEO and chairman Louis Chênevert issued the following canned statement:

Export controls are an integral part of safeguarding US national security and foreign policy interests. As a supplier of controlled products and technologies to the Department of Defense and other domestic and international customers, we are committed to conducting business in full compliance with all export laws and regulations. We accept responsibility for these past violations and we deeply regret they occurred.

The fine, $20m of which can be used by United towards a compliance programme, is unlikely to financially affect a firm with revenues exceeding $50bn, but the case will be a huge embarrassment to the US.

Politicians and military officials had been increasingly vocal in their criticism of China’s state-sponsored cyber espionage activities – much of which is directed at stealing military intelligence – when another national security threat, the private sector simply selling restricted technology, was in fact much closer to home.

China’s inexorable rise will soon see it take America’s crown as preeminent global superpower and in the end it is this new economic reality, and incidents like this which it gives rise to, which could yet prove the biggest threat to US hegemony.

Happy Fourth of July. ®

SANS - Survey on application security programs

Whitepapers

Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.