NEWS AND ANALYSIS:
The Commerce Department’s Bureau of Industry and Security, the agency in charge of monitoring compliance with export controls, is investigating the hard-drive maker Seagate Technology over a possible breach of sanctions imposed on China.
According to two people familiar with the probe, California-based Seagate is suspected of improperly selling hard drives to Chinese tech giant Huawei Technologies that contained microchips subject to export controls after the ban was bolstered in August.
Sanctions were imposed on Huawei in May 2019 and tightened last summer when Commerce Department officials added scores of Huawei overseas affiliates to its blacklist of companies that are restricted from purchasing U.S. microchips or equipment containing microchips.
The August action sought to close a loophole that allowed Huawei to purchase microchips for its products from American manufacturers through its foreign subsidiaries.
The Bureau of Industry and Security (BIS), citing national security concerns, stated in its Aug. 17 notice that the new curbs bar Huawei or any affiliate from buying “foreign made chips developed or produced from U.S. software or technology to the same degree as comparable U.S. chips.” The regulation had the effect of banning most technology products to Huawei.
Huawei is under federal indictment in New York for violating U.S. laws restricting financial transactions with Iran, and in Washington state for suspected theft of trade secrets from T-Mobile.
“BIS has no comment,” spokeswoman Katelyn Christ told Inside the Ring when asked about the Seagate probe. Seagate officials did not return emails seeking comment.
White House spokeswoman Jen Psaki recently called Huawei an example of an “untrusted vendor” of telecommunications gear that could pose a security threat, a sign the Biden administration may not back off sanctions imposed by the Trump administration on Huawei.
Seagate Chief Financial Officer Gianluca Romano told a technology conference in September that the company did not believe it needed an export license to sell hard drives to Huawei.
“We are still going through the final assessment, but from what I have seen until now, I do not see any particular restriction for us in terms of being able to continue to keep the Huawei or any other customers in China,” Mr. Romano said. “So, we do not think we know we need to have a specific license.”
The remarks were first reported in the online newsletter Tom’s Hardware, which asked Seagate whether it had sold hard drives to Huawei after September.
A Seagate spokesman told the newsletter that the company “continuously monitors and complies with policies and regulations across the world. We are aware of the actions by the U.S. Department of Commerce to add multiple Chinese entities to the Entity List and we continue to review this situation and will fully comply with these rules and regulations.”
The Huawei sanctions are being closely watched by Rep. Michael T. McCaul, the Texas Republican who chairs the House China Task Force.
Mr. McCaul has asked the BIS for a briefing on threats posed by Chinese technology companies and for detailed lists of Chinese-related export license requests and approvals.
China “has intertwined its military into its industrial and innovation base, most recently termed military-civil fusion, to extract technology obtained through commercial and civil licensing, partnerships, and trade interaction to achieve military superiority over its adversaries.,” Mr. McCaul wrote in a Nov. 9 letter to then-Commerce Secretary Wilbur Ross.
A government source said the recent appointment of Steven Emme to head the BIS is a troubling sign that export controls for China could be loosened in the new administration.
Mr. Emme is the bureau’s chief of staff and until recently worked on export control compliance for the law firm Akin Gump Strauss Hauer and Feld. In 2020, Akin Gump received $300,000 in lobbying fees from the Chinese military-linked telecommunications company ZTE, according to a congressional disclosure report.
CHINA TARGETING WEST COAST
Air Force Gen. Glen VanHerck, commander of the U.S. Northern Command, warned this week that China could disrupt military supplies with missile attacks on the West Coast.
The disruption is part of China‘s military buildup targeting the U.S. and Beijing’s efforts to conduct “an aggressive geopolitical strategy” near the United States in a bid to undermine American influence.
“In the foreseeable future, China will likely be able to augment its cyberattack capabilities with a new family of long-range precision strike weapons capable of targeting key logistical nodes on our West Coast that support U.S. mobilization and sustainment,” Gen. VanHerck said in prepared testimony to the Senate Armed Services Committee.
The four-star general did not elaborate on the missiles China plans to use but mentioned new long-range cruise missiles and ultra-high-speed hypersonic missiles. Over the next decade, Beijing plans to deploy a new generation of advanced weapons, including missile defense-defeating hypersonic missiles.
The new arms “will further diversify [China‘s] nuclear strike options and potentially increase the risks associated with U.S. intervention in a contingency,” he said.
Another worry is defending against cruise missile attacks. Gen. VanHerck said NORAD is working to counter threats posed by advanced long-range cruise missiles from Russia and — soon — China.
“These sophisticated weapons are difficult to detect and can be launched from significant distances against targets in the United States and Canada from launch sites on Russian soil and by long-range bombers, attack submarines and surface vessels,” he said. “Russia has already amassed an inventory of both nuclear and conventional variants, while China is expected to develop similar capabilities in the next decade.”
The missile threat requires better sensor networks and intelligence, Gen. VanHerck said, noting that improved missile defenses are “fundamental to the defense of our homeland.” China also is building up its military and conducting extensive cyberattacks that Gen. VanHerck said are “stealing volumes of sensitive data from U.S. government, military, academic, cleared defense contractors and other commercial networks each year.”
“In a crisis, China is postured to transition rapidly from cyber exploitation to cyberattack in an attempt to frustrate our ability to flow forces across the Pacific, and globally,” said the general, who leads the North American Aerospace Defense Command.
Beijing also is working on weapons that threaten U.S. space-based communications and sensors, key elements of American long-range war-fighting capabilities.
China‘s nuclear buildup is seeking weapons and forces to rival those of the United States “in sophistication, if not in numbers,” he said.
China, he added, “has made deliberate attempts to increase its economic and political influence with our close partners in Mexico and the Bahamas.”
Beijing is seeking to infiltrate the telecommunications sector in both countries, he noted. China is seeking to expand trade and investment in Mexico and, over the past few years, has invested in the Bahamas’ tourism sector through infrastructure projects.
MILITARY SUPPLY CHAIN BREACHED
A military source tells Inside the Ring that China has breached a sensitive U.S. military program by penetrating electronic equipment used in the operation. The compromise was discovered during a security review of equipment that revealed electronic components manufactured by a Chinese-linked company.
As a result, five of six compromised components had to be replaced to avoid potential Chinese electronic access.
No additional details of the compromise could be learned.
A report by the Pentagon’s Defense Science Board warned that the microelectronics contained in modern weapons systems are increasingly vulnerable to attack.
“Exploitation of vulnerabilities in microelectronics and embedded software can cause mission failure in modern weapons systems,” the report said. “Such exploitations are especially pernicious because they can be difficult to distinguish from electrical or mechanical failures and because effects can run the gamut from system degradation to system failure to system subversion.”
Supply chain vulnerabilities can be inserted into components or software through cyberoperations, and there are signs of “unsuccessful attacks on critical weapons systems via malicious insertion,” the report said.
“When done effectively, malicious insertion will not be detectible until actuated and it may present as a design flaw when ultimately observed,” the report said.
While military systems had not been detected in the 2017 report, civilian systems were breached. For example, Volkswagen created a “defeat device” in its cars to thwart U.S. emissions testing.
• Contact Bill Gertz on Twitter at @BillGertz.