Feeds

US defence biz fined for busting China arms embargo

No need for cyber-spying - just buy the damn software

Seven Steps to Software Security

A top US defence contractor has been fined $75m (£47.8m) for flogging software to China that was a vital component in the country's first attack helicopter.

United Technologies and its two subsidiaries Pratt & Whitney Canada (PWC) and Hamilton Sundstrand 'fessed up to more than 500 violations of export restrictions in a federal court at the tail end of last week.

The headline grabber, however, involves the engine control software without which China could not have completed development of its Z-10 attack chopper – a battlefield-ready beast capable of carrying 30mm cannons, anti-tank guided missiles, air-to-air missiles and unguided rockets.

According to US Immigration and Customs Enforcement (ICE), which carried out the investigation, PWC turned a blind eye to the potential military use of the software in hope of securing a lucrative contract for civilian choppers from China - a $2bn deal that never appeared.

PWC had previously sold the Asian nation ten commercial development engines that did not require export licenses. However, the biz then wilfully followed that up with electronic engine control software made by Hamilton Sundstrand and modified it for use in a military helicopter, ICE said.

The export of “defence articles and associated technical data” has been banned by the US since the 1989 Tiananmen Square massacre.

The companies did themselves no favours by failing to disclose the illegal exports for several years and then making numerous false statements to the US State Department.

"PWC exported controlled US technology to China, knowing it would be used in the development of a military attack helicopter in violation of the US arms embargo with China," said US Attorney David Fein.

"PWC took what it described internally as a ‘calculated risk', because it wanted to become the exclusive supplier for a civil helicopter market in China with projected revenues of up to $2 billion. Several years after the violations were known, UTC, HSC and PWC disclosed the violations to the government and made false statements in doing so.”

United Technologies CEO and chairman Louis Chênevert issued the following canned statement:

Export controls are an integral part of safeguarding US national security and foreign policy interests. As a supplier of controlled products and technologies to the Department of Defense and other domestic and international customers, we are committed to conducting business in full compliance with all export laws and regulations. We accept responsibility for these past violations and we deeply regret they occurred.

The fine, $20m of which can be used by United towards a compliance programme, is unlikely to financially affect a firm with revenues exceeding $50bn, but the case will be a huge embarrassment to the US.

Politicians and military officials had been increasingly vocal in their criticism of China’s state-sponsored cyber espionage activities – much of which is directed at stealing military intelligence – when another national security threat, the private sector simply selling restricted technology, was in fact much closer to home.

China’s inexorable rise will soon see it take America’s crown as preeminent global superpower and in the end it is this new economic reality, and incidents like this which it gives rise to, which could yet prove the biggest threat to US hegemony.

Happy Fourth of July. ®

Mobile application security vulnerability report

More from The Register

next story
Yorkshire cops fail to grasp principle behind BT Fon Wi-Fi network
'Prevent people that are passing by to hook up to your network', pleads plod
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
NEW, SINISTER web tracking tech fingerprints your computer by making it draw
Have you been on YouPorn lately, perhaps? White House website?
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Attackers raid SWISS BANKS with DNS and malware bombs
'Retefe' trojan uses clever spin on old attacks to grant total control of bank accounts
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.