FBI partially blames procurement rules for fake IT products

Pursuit of lowest price and multiple subcontractors makes it easier for counterfeit hardware to end up on agency systems, increasing security threats.

The government's entrenched policies for buying information technology is a major primary cause for many agencies installing fake Cisco network gear into their networks, which leads to the possibility of systems failing or the loss of sensitive data, according to the FBI.

Comment on this article in The Forum.The FBI, along with the Homeland Security Department, seized more than 400 pieces of counterfeit Cisco network hardware with an estimated retail value of more than $76 million during a two-year investigation dubbed Operation Cisco Raider, announced by the Justice Department this year. According to an internal FBI briefing, which leaked onto the Internet last week, the gray market in equipment manufactured by Cisco, which controls 80 percent of the market for network routers, could cause failure of critical computer networks or the loss of sensitive data.

The bureau placed much of the blame for the fake equipment finding its way onto government computer systems on current acquisition policies that the government follows to buy IT equipment, which encourages agencies to award contracts to companies offering the lowest possible price, because contractors buy the low-cost equipment to remain competitive. Policies that allow contracting officers to permit bidding companies to work with subcontractors, who often buy equipment from other subcontractors, exacerbates the problem, because it becomes harder to track the origin of the equipment from manufacturer to supplier, the FBI concluded. Finally, policies that encourage the government to buy from small businesses also increases the possibility that the government can buy fake equipment because typically these companies' business practices are not as well known.

The sale of counterfeit network equipment "threatens international commerce, national security and the very safety of our citizens," said Julie Myers, assistant secretary of U.S. Immigration and Customs Enforcement, in February at the investigation.

The FBI briefing said the department faces an "intelligence gap" on the sale of counterfeit equipment and raised questions on whether the fake Chinese gear was sold for profit or for state-sponsored purposes. The bureau's internal briefing also questioned whether the fake equipment could be used to gain access to secure systems or weaken the encryption used on systems.

Alan Paller, director of research at the SANS Institute, a nonprofit cybersecurity research organization in Bethesda, Md., said the government should be seriously concerned about the counterfeit equipment, because of the possibility that an enemy could have built in a back door that would allow access to sensitive information stored in databases. He said, however, none of the counterfeit switches or routers discovered in the FBI investigation appeared to have back doors.

An emphasis on low-cost and the use of subcontractors resulted in Lockheed Martin Corp. selecting American Data and Computer Products to supply Cisco switches for a Navy project. Government Executive reported on the incident in September. Having won the contract, American Data then bought switches from Largo, Fla.-based computer equipment supplier Gulfcoast Workstation, a division of Relational Technology Services. After the purchase, Robert Castro, president of American Data, said he discovered that 48 of the 68 switches were counterfeits made in China. The other 20 were original Cisco equipment, but the switches' supply chain route was suspect, he said.

Castro said he informed the Naval Criminal Investigative Service and Lockheed about the problem. Cisco inspected the switches, which already had been shipped and installed at Lockheed's undersea systems facility in Manassas, Va., and determined they were original. Castro said he continued to investigate by matching serial numbers on the fake switches with a real Cisco product, and proved the equipment was indeed fake.

At another facility, operated by the Navy, Castro said he determined eight switches were fakes. Other switches at the facility, while genuine Cisco equipment, came from such doubtful sources, that Castro, a former Marine Corps intelligence officer, said they should be removed as well.

A Cisco brand protection team routinely leads an effort to protect the company's brand from counterfeiters and works closely with law enforcement agencies worldwide, Bruce Klein, vice president of federal sales, and Phil Wright, director of brand protection, said in a statement supplied to Nextgov.

Klein and Wright said the company worked closely with the FBI on Operation Cisco Raider and briefed high-level executives at government agencies about the problem. Klein and Wright said the best way federal customers can protect themselves from fakes was to buy equipment only through authorized Cisco channels.

Lockheed officials did not respond to queries before this article was posted.

About 10 percent of the products sold in the global IT equipment market are counterfeit, according to a white paper consulting firm KPMG wrote for the Alliance for Gray Market and Counterfeit Abatement. The FBI estimates the percentage of counterfeits is higher, but did not provide specifics.

The FBI investigation also resulted in the indictment in January of brothers Michael and Robert Edman, who, through their company Syren Technology in Fort Bend County, Texas, sold fake Cisco gear to the bureau and the Air Force, Marine Corps and Federal Aviation Administration.

eGlobe Solutions also sold counterfeit Cisco gear from China to the Naval Academy, the Naval Air Warfare Center, the Naval Undersea Warfare Center, an Air Force base in Germany, the Bonneville Power Administration and the General Services Administration. Two principles of eGlobe were indicted and convicted last year, according to a GSA inspector general report.