New York tech firm secretly sold Chinese equipment to U.S. military, say Feds

Aventura Technologies, a New York-based security tech company found an unexpected caller at their front door Wednesday morning: federal agents, who came armed with warrants to search the premises and arrest several current and former employees. The reason? An elaborate scheme designed to pass off cheaply made Chinese counterfeit security technology as American products, which were then sold to the U.S. Army, Air Force, and other federal agencies.

The alleged scheme had been underway for more than a decade, with Aventura passing thousands of shipments of security technology including night vision and body cameras, as American-made. Their products have been installed in military bases and aircraft carriers. The formal charges against the 7 Aventura employees include conspiracy to commit wire fraud and illegal importation, with two of the employees (Jack and Frances Cabasso) also facing charges of money laundering conspiracy.

Counterfeit Chinese Tech

Counterfeit technology, particularly from China, poses an immense security risk. While the U.S. Attorney in Brooklyn, Richard Donaoghue, declined to state whether the case had been linked to any known Chinese espionage efforts or if any breaches had occurred that were connected with Aventura equipment.

However, he did remark that “This software that was then put into U.S. systems was known to have vulnerabilities that would allow others to access those networks. Obviously, it’s a grave concern to the United States that infrastructure is compromised by hardware and software made in the People’s Republic of China.”

The arrests of Aventura employees come at a time of tense diplomatic relations between the U.S. and China, with concern over Chinese tampering in American tech at an all-time high.

The Mastermind

Authorities allege that Aventura’s actions were architected by its owner, Mr. Jack Cabasso. In a memo requesting his detainment, the Feds characterize him as a shrewd con-man and skilled manipulator whose criminal record stretches back to the 1980s. Cabasso has several ties to Chinese businesses and faces separate false representations charges for, allegedly, misrepresenting his wife as Aventura’s CEO to secure Woman-Owned Small Business set-aside contracts. Federal agents also seized several of Cabasso’s private assets including a 70ft long luxury yacht.

Know Your Business

The alleged crimes of Aventura highlight a fundamental truth of the modern age: That knowing the origin of a technology is paramount to maintaining enterprise security. Nobody knows this better than the U.S. armed forces, where a single compromised component can be a matter of life and death. The U.S. Army thought they knew their first-tier supplier, but failed to learn who was in their sub-tiers until recently, after circulating thousands of shipments of compromised security hardware. Aventura assured the government that everything was made in a New York factory. Clearly, entities with sensitive interests such as the U.S Armed forces cannot rely upon their first-tier suppliers to accurately disclose their sub-tiers.

The story articulates the need for a total Supply Chain Monitoring solution, one that provides real-time visibility into every tier of a supply train.

Interos

Interos Inc., (Interos.ai) located in the Washington, D.C. area, delivers transparency, knowledge, and modeled outcomes so organizations can make smarter decisions about their global connections. Interos visualizes relationships, computes 3rd party relationship health, and monitors ecosystem interactions to reveal opportunities and risks. Interos serves customers in finance, aerospace, CPG, food, manufacturing, retail, technology and the government.

Amazon’s failure to police 3rd parties in its supply chain draws public ire

As the world’s largest….well, everything, Amazon is no stranger to finding itself in the hot seat. As of late they’ve found themselves facing scrutiny over their handling – or lack thereof- of 3rd party partners. The world’s largest digital retailer generated $232.9 billion in revenue in 2018 and 3rd party sellers account for 50% of those sales. Since January 2017 over 3.3 million new sellers have joined the Amazon marketplace. The presence of 3rd parties allows Amazon to offer an even greater diversity of products but those 3rd parties are also largely unvetted, despite the appearance of authenticity leant by Amazon’s store front.

3rd Part Havoc

This approach has come home to roost for Amazon lately, with the retail giant coming under even greater scrutiny after a story broke revealing that numerous Amazon customers had received expired grocery products including baby formula, coffee, and beef jerky.  A data analytics company, on behalf of CNBC, performed an analysis on the site’s 100 top-selling food items, discovering that at least 40% of 3rd party sellers had over five complaints alleging that they had received an expired product.

Unethical Clothing

These items are only the tip of the iceberg. The Wall Street Journal has published multiple stories on the consequences of the marketplace’s slipshod approach to vendor management. These include stories on Amazon providing some 4000 products that had been deemed unsafe by federal regulators, and the company’s clothing brands sourcing from factories that had blacklisted by the greater fashion industry for unethical labor conditions.

The clothing from these factories was sold on Amazon largely by 3rd party wholesalers and has since been removed from the site. While Amazon does perform safety inspections on factories that manufacture Amazon-branded products, they do not investigate producers behind goods listed by 3rd parties.

Amazon’s Response

Amazon consumer chief Jeff Wilke, speaking at the WSJ Tech Live conference, acknowledged that Amazon’s business depends on customers trusting the company and that the company recognizes it could lose its status as a trusted brand if the perception builds that it isn’t policing the products it sells. Wilke cited those factors as motivation for Amazon spending $400 million in 2018 on technology and a staff of 5,000 people tasked with tracking counterfeit and unsafe items.

“We have to be vigilant and willing to spend hundreds of millions and eventually billions of dollars to protect our customers,” said Mr. Wilke. He also stated that the company is lobbying for stiffer federal penalties for counterfeiters.

Electronics Regulation

So far Amazon has taken small steps to regulating some 3rd party retailers, particularly those selling used electronics products. Specifically, Amazon has rolled out rules requiring 3rd parties selling Nintendo and Apple products (as well as used DVDs, oddly) to obtain approval from the relevant company before selling. It’s unclear if these directives stem from Amazon however, with many sellers speculating that such missives are directly from businesses looking to lock down the amazon market on their own products. The rule change is also likely connected to Amazon’s continuing issues with counterfeit products being sold on the store.

Footwear Foul

The American Apparel and Footwear Association (AAFA) recently added Amazon to its list of “Notorious Markets,” which primarily includes markets with serious counterfeiting issues.

“While we are happy to have seen increased engagement with Amazon on brand protection issues during the past year,” said AAFA president Rick Helfenbein, “that engagement regrettably has not translated into a discernible decrease in counterfeits of our members’ products on Amazon’s marketplaces.”

In addition to spending over $400 million to combat fakes, Amazon has previously sued multiple 3rd parties for counterfeiting, but such an approach is not scalable to policing the millions of 3rd parties using Amazon’s marketplace.

A Scalable Solution

Businesses like Amazon that rely on vast, and seemingly untamable, network of 3rd parties need scalable mechanisms for vetting, monitoring, and managing the kinds of risk those 3rd parties bring. Whether its risk of a cyber-attack via a vendor, the risk of unintentionally selling a counterfeit product, or inadvertently providing a platform for a vendor that uses unethical labor, all big businesses are exposed to some form of 3rd-party risk. Amazon simply has more public exposure.

The only way for enterprises to tackle this problem is by leveraging the power of emerging technologies like machine learning to ensure the origin, authenticity, and integrity of products and their manufacturers.

But how?

Interos Inc., (Interos.ai) located in the Washington, D.C. area, delivers transparency, knowledge, and modeled outcomes so organizations can make smarter decisions about their global connections. Interos visualizes relationships, computes 3rd party relationship health, and monitors ecosystem interactions to reveal opportunities and risks. Interos serves customers in finance, aerospace, CPG, food, manufacturing, retail, technology and the government.

Interos, the world’s leading (and only) AI-powered supply chain risk management platform. Check out the rest of our site to learn more.