recommended reading

Sensitive military technology easily bought and sent to foreign countries

An undercover investigation by a federal watchdog group showed how ineffective laws and poor enforcement of procurement regulations allow companies to purchase sensitive military technologies for export to possible terrorist groups and foreign governments.

Auditors from the Government Accountability Office, who posed as representatives from a fictitious company, were able to purchase sensitive technology equipment such as night-vision scopes that U.S. soldiers use in Iraq and Afghanistan, hardware to detonate nuclear weapons, sensors used in improvised explosive devices, and gyro chips for guided missiles and military aircraft.

During its investigation from May 2008 to June 2009, GAO also was able to purchase an F-16 engine-monitoring system computer, which the Air Force uses in single-engine aircraft to monitor engine performance, said Gregory Kutz, managing director of forensic audits and special investigations at GAO, in his testimony before the House Subcommittee on Oversight and Investigations on Thursday.

"The only thing more surprising than the ease with which GAO acquired this sensitive equipment is that fact that it was apparently entirely legal," said subcommittee Chairman Bart Stupak, D-Mich., in his opening testimony. "There is no requirement for them to conduct any background checks or due diligence on the buyers, much less submit the proposed sale to the government for a license to purchase. This is obviously not satisfactory."

Interviews with officials from the State and Commerce departments and a review of existing laws confirmed that there are few restrictions on domestic sales of dual-use technology, which serve both commercial and military purposes, GAO reported. During its investigation, the watchdog agency found that manufacturers and distributors only asked that the undercover agents sign forms verifying the products would not be used illegally or for terrorist plots.

"U.S. regulations are designed to keep specific military and dual-use items from being diverted to improper end users, [but] current regulations focus on the export of these items and do not address the domestic sales of these items," Kutz said.

Anyone who sells products and services on the U.S. Munitions List -- articles, services and associated technology designated as defense related by the United States -- or on the Commerce Control List -- items subject to federal export regulations -- "is under no legal duty to perform any type of due diligence on a buyer" when the items are sold within the United States, he said.

GAO also was able to send through Federal Express nonfunctional versions of items it had bought from manufacturers -- including the gyro chip and an accelerometer, a known component for smart bombs -- to a country in Southeast Asia that is a known distribution center for terrorist organizations, according to the report. The items were shipped in nondescript boxes that did not reveal the contents.

"Terrorists and foreign governments that are able to complete domestic purchases of sensitive military and dual-use technologies face few obstacles and risks when exporting these items," Kurtz said. GAO officials fear terrorists or other countries could use the equipment to work backwards to create weapons against the United States.

Two laws govern oversight of the export of potentially sensitive items. The 1976 Arms Export Control Act assigns State the responsibility to regulate the export of military items included on the U.S. Munitions List. The 1979 Export Administration Act assigns Commerce the responsibility to regulate the export of dual-use items that are included on the Commerce Control List. Exporters are required to place their products on one of the two lists, and, if required, obtain a license to export the items. They also are required to electronically notify Homeland Security Department officials when the products arrive at the port of export for inspection.

Both laws require shippers to report the export of sensitive items. Officials from several agencies told GAO that there is no practical way to ensure that packages leaving the United States that contain export-controlled items can be identified and consistently searched.

In addition, companies that are caught breaking export rules may continue to do business with the federal government because they sell products that are crucial to military operations. In March 2007, ITT Corp., the leading manufacturer of military night-vision equipment, was convicted of a criminal violation of the Arms Export Control Act for sending classified materials to China and other nations, knowingly violating export license agreements. The company pleaded guilty and was ordered to pay $100 million, but it was not debarred from doing business with the federal government.

When asked by subcommittee members how ITT could still be doing business with agencies, Michael Alvis, head of business development, said ITT is "the world leader in night vision," and it is best able to fulfill military requirements for such technologies. He added that the technology was not compromised, and "drastic changes" were made in management to ensure another export violation would not occur.

Preventing the illegal export of sensitive items used in nuclear weapons, IEDs, and other military applications requires stopping the purchase of the items at the source "because once sensitive items make it into the hands of terrorists or foreign government agents, the shipment and transport out of the United States is unlikely to be detected," the report noted.

GAO conducted a separate undercover investigation in April, when a team of agents found similar military items for sale on eBay, Craigslist.org and other Web sites that allow person-to-person sales. "What we are dealing with is not an inability to enforce security measures, but a lack of policies and procedures to enforce," said Nicholas Fitton, chief executive officer of technology reseller Section 8. "We don't need tighter restrictions and more limits on what can be sold, but [we do need] to use common sense and understand what the actual items are that are being sold."

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

    Download
  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

    Download
  • Effective Ransomware Response

    This whitepaper provides an overview and understanding of ransomware and how to successfully combat it.

    Download
  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

    Download
  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.

    Download

When you download a report, your information may be shared with the underwriters of that document.