Why hi-tech means high risk

From the Silicon Valley to Scotland, the computer industry is under siege from gangs of violent criminals. By Niall McKay
Click to follow
Indy Lifestyle Online
Inventory Management Systems (IMS), a small computer chip dealer in Orange County, California, is built like a fortress. The company has armed guards 24 hours a day, every employee's desk has a panic button and its stock is kept in a time-locked vault. Instead of delivery vans, the company hires an armoured car service.

This is the reality of dealing in the computer chip; a commodity that weighs about an ounce, is about the size of a thumbnail and is worth more than an ounce of gold or an ounce of cocaine.

"Each Pentium processor is worth about $600 [pounds 400], so a single hold- all could have about $3m to $4m worth of goods in it," says Joe Jonovich, president of IMS. In Silicon Valley, the spawning ground for California's computer industry, there is an armed robbery every four days involving computer components.

"If the banks were held up every four days, you would have the Marines surrounding the area by the end of the week," says John O'Loughlin, directory of security at Sun Microsystems, a computer manufacturer that has been robbed twice in the past two years.

While armed robbery may seem consistent with the media image of the US, areas not best-known for their crime statistics such as the north of Scotland and the south of Ireland are no better off because they are big computer manufacturing locations. They, too, have many armed robberies; however, the statistics are not available because officials are keen not to discourage American and Asian companies from investing in the regions.

In the past year, the PC manufacturer AST Research and the microprocessor giant Intel have been targeted in Ireland. Recently, a van driver for Quantum, a disk-drive manufacturer in Dundalk, Co. Louth, was held at gunpoint and more than pounds 2.5m worth of disk drives was stolen. The driver was found handcuffed to a tree in Dublin's Phoenix Park. The disk drives turned up in Amsterdam a day later and were intercepted by the FBI in San Francisco by the end of the week.

The problem is so acute that the FBI estimates the market for stolen components to be worth $8bn a year. In Scotland, the cost of computer crime to businesses is estimated at around pounds 1bn a year. The police believe that the goods are being stolen to order.

Industry watchers believe that the computer manufacturers have been adding to the problem. "There has been a sort of unspoken conspiracy of 'ask no questions'," says Mr O'Loughlin. "If a computer manufacturer has been put on allocation by the microprocessor or SIMM [Single Inline Memory Module] manufacturer, then it will go get the parts wherever it can."

Stolen components often make their way to the "spot market", a commodities market for computer components, but they can do this via a number of routes. Spot market prices for the latest hardware tend to be higher than those of the manufacturers, but prices of components already released will be much lower than manufacturers' prices. While many of the components sold to the spot market are legitimate, many are not, according to the FBI.

Special Agent Richard Bernes, supervisor of the FBI's hi-tech squad in San Francisco, calls the component market the "grey market" because stolen goods are cut with legitimate goods in much the same way that drugs are cut with drug substitutes.

"There are many similarities between these businesses," says Agent Bernes. "These days, processors are used as currency by crime gangs. They are better than drugs or guns, because practically every police officer in the world will know what cocaine looks like but many would have never seen a computer chip before and possession of them is not illegal in itself."

The market exists because systems vendors sometimes over-order components from manufacturers, and dump the surplus on the spot market. Dealers will then try to sell the components to systems vendors who have underestimated their needs. When manufacturers have a shortfall of components, they will buy from the spot market as well. While the manufacturers blame the microprocessor dealers for the market, the dealers blame the manufacturers for creating the market in the first place.

"Intel makes its customers order microprocessors 90 days in advance," said Mr Jonovich. "Ninety days is a very long time in this business."

A spokesman for Intel Europe responded by saying that no company is doing more to combat computer crime. "We now put unique serial numbers on all our processors so that they can be tracked," says Michael Sullivan of Intel.

Companies such as IMS will buy the excess microprocessors and sell them to a third party (often a major systems vendor) that is short of processors. But while there are many reputable dealers such as IMS, there are many disreputable dealers who will buy from anybody if the price is right. "There are too many dealers out there," says Agent Bernes. "The last person in the chain may be completely legitimate. But what about the 10 dealers he has dealt with?"

However, Mr Jonovich admits that any component that enters his premises will be stripped of identifying marks. "IMS is the middle man," he explains. "Our suppliers rely on confidentiality. Many of them are large computer manufacturers whose shareholders would not be too happy if they knew they were buying processors from Intel and dumping them at a fraction of the price."

Every manufacturer has cause to dump product from time to time. Even IBM admitted that it has occasionally over-ordered or manufactured too much product for its needs. "But with us it's different," says Trevor Littlecott, UK security manager for IBM. "We have so many manufacturing operations that normally if we have overestimated our needs in Europe, we will find that we have underestimated our needs in the US or Asia."

"Stolen components can end up in any computer, including those supplied by the major manufacturers," says Agent Bernes. "The problem is that most stolen components are untraceable, so there is no way of knowing if you're buying them."

FBI officials reckon that much of the component theft in the US is carried out by Asian crime gangs in the San Francisco Bay area. Last February, the FBI carried out Operation West Chip and arrested a number of Vietnamese- American suspected gang members. "The problem with the Asian gangs is that it becomes international," says Sun's Mr O'Loughlin. "Components stolen in the Silicon Valley will probably be in Taipei or Hong Kong in a couple of days."

According to industry watchers, Taiwan and Hong Kong are ideal destinations for stolen components because there are thousands of small PC assembly operators that buy from the computer markets. In Taiwan, computer components are sold in Taipei's Kwang Hwa Computer Bazaar. Some traders openly admit that not all of the goods on sale were acquired legitimately. But Taiwanese crime organisations pose another major problem to both the industry and police forces. "Many microprocessors will test at a higher speed than their marking," says Kevin Carson, procurement director for Apricot Computers. "So many of the processors from Asia are remarked."

Last week, Cyrix Corp officials in Taiwan found Cyrix 5X86 and 6X86 processors on sale in Kwang Hwa Computer Bazaar at below cost price. It turned out that the processors were remarked IBM processors.

Whether processors are remarked or simply stolen, it is clear that the industry will have to organise itself to stop the illegal trade, according to Mr O'Loughlin.

"Some sort of major initiative needs to be taken," he says. "If we don't start working together to put pressure on the Government, and try and regulate some of the dealers, we're not only going to continue losing a lot of money, but we may put our employees' lives at stake." Meanwhile, industry watchers estimate that up to a third of all computers sold may contain stolen components.

Additional reporting by Terho Uimonen in Taipei.