ExportLawBlog » China

Archive for the ‘China’ Category

Oct

14

White House Authorizes Temporary Export of C-130s to China

Posted by Clif Burns at 9:06 pm on October 14, 2010

C-130 Last Friday the White House notified Congress that it intended to waive the arms embargo to permit the temporary export of C-130 cargo transport aircraft to China. The waiver was granted at the request of an unnamed European company that uses the aircraft in oil spill cleanup operations and would permit these aircraft to land in China. A temporary export license would be required and would be granted on a case-by-case basis, likely restricted to the oil spill scenario that served as a basis for the waiver.

Nevertheless, the usual suspects are predictably upset and see this as a slippery slope that culminates in the U.S selling fighter jets and atomic bombs to China

The C-130 proposal is obviously a toe in the water and, as such, should be rejected,” said John Bolton, former undersecretary of state for international security. “This administration seems to have two messages about America for foreign governments: weak and weaker.”

An administration official said that the waiver was not intended to allow the sale and export of C-130s to the Chinese government.

Permalink

Comments Off

Aug

26

Export Licenses For Radar Sales to Taiwan Complicate US-China Relations

Posted by Clif Burns at 8:51 pm on August 26, 2010

Chinese Military Poster There was an interesting colloquy on Tuesday during the State Department’s daily press briefing. After Assistant Secretary Philip Crowley announced the approval of export licenses to permit sale of military radar systems and components to Taiwan, one reporter asked what China’s reaction would be to the sale. China, of course, objects to all military sales to Taiwan, but Crowley dodged the question, saying ” Iâ€™ll let China react to this as they see fit.”

QUESTION: Just a quick one. As far as this â€“ the Pentagon report to Congress on China, how much concern do you have as far as Chinese military buildup?

MR. CROWLEY: Well, it is a â€“ it is something that we watch closely. Itâ€™s something that other countries in the region watch closely. We would like to have a fuller military-to-military relationship and dialogue so that we can better understand Chinaâ€™s long-term military plans, and that is something that we continue to seek.

What Crowley doesn’t mention is that it was China that cut off military-to-military contact between the U.S. and China last January after the last announcement of U.S. arms sales to Taiwan. These new sales aren’t likely to change the situation.

Permalink

Comments (1)

Feb

8

Do Not Open That Email Attachment

Posted by Clif Burns at 10:11 am on February 8, 2010

Category: China • Technical Data Export

Big News! Everyone that has sensitive data (including, of course, ITAR-controlled data) on their computers networks should read this sobering article in Wired, which reveals, for the first time that I am aware of, the methodology, extent and scope of Chinese cyber-attacks on U.S. computer networks. After you read this article, there will be no question in your mind that these attacks are orchestrated and carried out by the Chinese government, even though the Chinese government is currently issuing risible denials of its involvement. Also, you will never open an email attachment again from anyone. The problem is, of course, that someone on your network will.

Called Advanced Persistent Threats (APT), the attacks are distinctive in the kinds of data the attackers target, and they are rarely detected by antivirus and intrusion programs. Whatâ€™s more, the intrusions grab a foothold into a companyâ€™s network, sometimes for years, even after a company has discovered them and taken corrective measures. â€¦

The Heartland and RBS attackers, and other criminal hackers of their ilk, tend to use SQL injections attacks to breach front-end servers. The APT attackers, however, employ undetectable zero-day exploits and social engineering techniques against company employees to breach networks.

â€¦ They attempt to take every Microsoft Word, PowerPoint and Adobe PDF document from every machine they compromise, as well as all e-mail, says Mandia. â€¦

Last year, for example, an unidentified defense contractor discovered 100 compromised systems on its network, and found that the intruders had been inside since at least 2007.

APT attackers also appear to be well-funded and well-organized. In some cases, Mandiant has found multiple groups inside a network, each pursuing their own data in a seemingly uncoordinated fashion. â€¦

Many entities donâ€™t discover a breach until someone from law enforcement tells them. By then, itâ€™s too late.

â€œBy the time the government is telling you, youâ€™ve already lost the stuff you didnâ€™t want to lose usually,â€ Mandia says, noting that itâ€™s generally not possible to ascertain everything that an attacker took.

While APT attacks are sophisticated, they use simple techniques to gain initial entry and, once inside, adhere to a pattern.

For starters, the attackers conduct reconnaissance to identify workers to target in spear-phishing attacks â€” such as key executives, researchers and administrative assistants who have access to sensitive information â€” and then send malicious e-mails or instant messages that appear to come from a trusted colleague or friend.

The e-mails have an attachment or link to a ZIP file containing zero-day malware that exploits Microsoft Office or Adobe Reader vulnerabilities. Google employees received an e-mail with malware that exploited a vulnerability in Internet Explorer 6 that Microsoft had not yet publicly disclosed.

Once the attackers have a foothold on one system, they focus on obtaining elevated access privileges to burrow further into the network. They do this by grabbing employee password hashes from network domain controllers â€” and either brute-force decrypt them or use a pass-the-hash tool that tricks the system into giving them access with the encrypted hash.

Not only should you be extremely cautious about email attachments and forwarded links, even from trusted friends, but also you might think about taking down your entry on LinkedIn or other business networking sites. Unless, of course, it’s already too late.

Permalink

Comments (4)

Jan

5

The Name Game Chinese Style

Posted by Clif Burns at 8:16 pm on January 5, 2010

Category: China • OFAC • Sanctions

Tiananmen Square An interesting story in today’s Wall Street Journal details instances in which a number of U.S. companies imported items from China Precision Machinery Import Export Corporation despite the fact that CPMIEC is on the Office of Foreign Assets Control’s Specially Designated Nationals List. The reason for this, asserts the story, is that Chinese companies on the SDN list “have proved adept at creating aliases or subsidiary shell companies to mask their ownership.”

Consider this example cited in the article:

John Iliff, general manager of American Forge & Foundry, says the single shipment of oil-drainage tanks it received in 2006 from the CPMIEC unit set off no alarms. “Trading in illegal goods certainly never crossed our minds,” he says.

The shipment came from China JMM Import & Export Shanghai Pudong Corp., which didn’t appear on any sanctions list until Thursday. Records indicate the company shares an address and phone number with a CPMIEC unit that was previously banned: CPMIEC Shanghai Pudong Corp. The Treasury determined that the two companies are affiliated.

That designation of JMM Import & Export occurred just a few days ago on December 31, 2009, almost three years after the cited shipment. But there were several red flags that American companies might have picked up on before OFAC’s belated designation of the CPMIEC affiliate. Not only is there a similarity in the names of the two companies, but they shared the same street address. Standard procedure should be not only to check names on the SDN list but addresses as well.

But the larger issue here is that the obvious ease with which Chinese companies can morph into new entities effectively renders company-based sanctions almost completely ineffective. It’s obviously as easy for Chinese companies to rename themselves as it is for underage Chinese gymnasts to acquire new, earlier and eligible birth dates on official documents. I’m not so sure what the solution is here but it doesn’t appear to be imposing penalties or additional compliance obligations on U.S. companies that deal with affiliates of companies on the SDN list.

Permalink

Comments (5)

Apr

10

Email: A Prosecutor’s Best Friend

Posted by Clif Burns at 7:32 am on April 10, 2009

Category: BIS • China • Criminal Penalties

ABOVE: Everjet HQ, allegedly

According to a Department of Justice press release, a federal grand jury indicted a California man and two of his companies — Fushine Technology, Inc., a California corporation, and Everjet Science and Technology Company, which is based in the PRC — for unlicensed exports of controlled microwave equipment to China.

Export prosecutions require proof that the defendant understood that the exports in question were illegal. Since there is often little dispute as to whether the exported item required a license or that a license was not obtained, this makes this scienter element the most important and interesting element of each case. Here the press release contains allegations that, if true, might go a long way towards showing the scienter element:

The indictment further alleges that the defendants knew about the licensing restrictions and specifically sought to circumvent them. The indictment quotes from an internal company e-mail in which an Everjet employee told a Fushine employee, â€œSince these products are a little bit sensitive, in case the maker ask you where the location of the end user is, please do not mention it is in China.â€ The indictment also quotes from another e-mail in which Lu advises a subordinate to pretend that the intended end-user for an item is in Singapore rather than China.

It seems to me that recent press releases, instead of merely focusing on the allegedly grave impact of the particular export on national security, have begun to provide much more information revealing the prosecution’s case for its claims that the exporter knew the export was illegal. And often the case revolves around emails sent to and from the exporter. Back in the days when exporters and their foreign customers communicated mostly by telex finding such proof was no doubt more difficult. But now the evidence may come, as allegedly it did in this case, wrapped up in a little gift package with a nice decorative bow on top and a subject line reading “Don’t tell anybody this chip is going to China.”

Permalink

Comments (6)