By Andrew Laurence and Paul Briggs
In the second of two articles on semiconductor markets from our sister publication CBR, the increasingly high-tech battle against chip theft is examined.
Early on the morning of February 28 , residents of the exclusive South San Jose Hills area, in the heart of Silicon Valley, were woken by the blast of a police stun grenade and the sound of sirens and loudhailers. They watched in astonishment as their neighbors were taken away. The police raid was just one of several that morning, part of a sweep that led to 44 arrests and the recovery of guns, gold, cash and memory chips. The haul was the culmination of a year-long undercover FBI investigation – codenamed ‘Operation West Chips’ – into a series of memory robberies in California at chip companies such as SMS Services, SCI Corporation and Piiceon Corp. And the prosecution alleges that some of those arrested were involved both in stealing and organizing the distribution of large numbers of stolen chips. One of the accused, is said to have become involved in placing chips from a raid of Centron, in Orange County, which yielded an estimated $1.8 million worth of memory chips, making it the biggest single theft of computer memory in history. Elsewhere in the indictments, Pham is alleged to have met with undercover FBI agents in order to buy stolen chips. But ‘West Chips’ is only one of a series of recent FBI sting operations. Operation ‘Dragon Teeth’ led to the arrest of a well-known legitimate chip broker, and operation ‘Bytes Dust’ established a link between heroin trafficking and stolen chips. Each time, the police were amazed at the thoroughness of the suspected thieves; among the items found in one operation, says a law officer, were carefully drawn up budgets which included an item for legal fees in the event of arrests. Following one of the recent operations, FBI supervisory special agent Richard Bernes publicly put on show a video in which undercover agents and gang members meet in a motel room to arrange the distribution of some stolen chips. The real lesson, says Deputy DA Barry, is that memory chips, SIMMS (single inline memory modules) strips in particular, are now so valuable and easy to distribute without trace, that criminal gangs are attracted from other illegal activities, such as drug dealing.
CHIP THEFT ALERT
This, says FBI agent Bernes, should put all companies dealing in or using large amounts of memory chips, anywhere in the world, onto the alert. In the police video, the use of semi-automatic weapons was referred to nonchalantly. Sooner or later, he says, there will be fatalities in Europe too. In Europe, there have been armed chip raids in Scotland and Ireland.The threat has introduced an element of fear into Silicon Valley – with good reason. In the San Francisco area, there were 57 high-tech armed robberies in 1995. In San Jose, production managers at Piiceon Corp, a victim of an armed ‘takeover’ robbery, now wear panic buttons even when they are off-site.The gangs have been attracted in part because companies storing chips have valuable stock that is not protected as much as, say, cash. And the size of the raids, says FBI agent Bernes, shows it is possible to place large amounts of chips – often by pre-arrangement – back into the legitimate grey market without difficulty. Many of the criminals are quasi-legitimate businesses who will receive from any source, says Barry. In some cases, chips are stolen, quickly exported to Taiwan or Hong Kong, put into clone machines, and reimported to the West. But the channel is so wide that this is just one route of many.It’s random, not systematic. It’s opportunistic, says Barry. The growing spot markets means that unmarked SIMMS, in particular, have a guaranteed market. The SIMMS chip is the coin of the realm, he says.Until recently, there was little sign that even the big semiconductor firms cared much about chip theft. They have not supported efforts to tag chips, which would be expensive, and sometimes have not reported thefts, which may draw attention to their weak security. But the threat of violence, along with increasing incidences of faulty, wrongly labeled and counterfeit chips being distributed under a bona fide manufacturer’s name, is changing their mood. Semiconductor giants Intel and National Semico nductor provided chips and warehouse space for a recent FBI sting operation. The problem is not confined to the suppliers. Hundreds of end-user companies have been the victims of chip-theft burglaries, where SIMMS are removed but the processor left in place, leaving the machines ‘brain dead’. And the problem is not unique to the US. In the UK, chip theft from users has reached epidemic levels, as gangs have carried out daring burglaries. At Hypertec in Hungerford, UK, thieves disabled phone lines for days in advance and carried out trial runs before entering through sewers to rob the company. They are like diamond thieves – the Pink Panthers of memory, says James Willard of Deep Blue Technology, a memory distributor which was abl e to prevent a daylight raid because of its high state of vigilance. The rewards are just as great; even after the recent price fall, a SIMMS strip is, literally, worth its weight in gold. But the daring raids pale into insignificance in the wider context of chip crime. According to the FBI, 57% of all component thefts come from employees or ex-employees, and a further 13% from business partners such as contractors. In other words, three quarters of all chips are stolen by those in positions of trust. And Barry points out that tip-offs from staff usually lead gangs to the chips. An increasingly common trick is ‘partial chip theft’, where employees take some, but not all, of a machine’s memory. The crime goes unnoticed for days or weeks, until the machine fails to run an application properly.In the US, high-tech companies have formed the Technology Theft Prevention Foundation (TTPF), and in the UK, police, insurers and big companies have formed the Joint Action Group (JAG). Both bodies have the principal aim of preventing the theft of IT equipment – especially SIMMS. Stolen SIMMS account for less than half of one per cent of all semiconductor sales, but Silicon Valley companies are reportedly losing $1 million worth of components every week; the TTPF puts US losses at $8 billion in 1995. In the UK, JAG says IT crime costs 1 billion British pounds a year. But, with little commercial or political clout, what can these small committees of experts do? Their problems are compounded by the fact that the spot market trade in chips is becoming ever more entrenched in the industry, and the supply chain is becoming more diverse and spanning ever more countries. Nevertheless, there are campaigns in four areas.The first plan is to tighten up on employee recruitment and training – especially by checking on employee backgrounds. Sun Microsystems recently vetted 87,000 applicants. Of these, 217 had given false identities, false qualifications were given by 42, and 37 had not declared criminal convictions. It is likely that Sun missed many more. Other West Coast companies have reported higher levels of lying among applicants. In many countries – especially in Europe – companies only have limited powers to check up on employees, so the reliability of staff is harder to ensure. These efforts to tighten up security among employees may work, but they are not popular. In Silicon Valley, suppliers fear that a security conscious policy, in which employees are told not to discuss thei r work or security arrangements outside the company, conflicts with employees’ values and may inhibit innovation. Many of the companies have an open, campus like culture, says Barry, himself a former attorney with Borland. Hewlett-Packard, for example, has an open-door, trust the staff policy, enshrined in the book The HP Way by co-founder David Packard. Packard once ordered the removal of locks from doors in some HP plants. But today, they are firmly back in place. Elsewhere, Advance Micro Devices has hired 160 security guards and drills its staff into how to avoid giving away important information. And at IBM’s PC factory in Greenock, Scotland, there are now closed-circuit TV cameras, and an elaborate system for logging in componen ts as they arrive. It has saved us a bucketload, says one IBM departmental manager. But most of these arrangements have been made by vendors rather than end users. The crime prevention authorities have noticed that chip thieves are moving to softer targets. Because of this, they are attempting to persuade companies to spend more on security procedures and security devices. But they are meeting with resistance because such devices add a considerable sum to already overstretched IT budgets. The market is likely to remain small unless insurance companies take a harder line, insisting on better security for a cheaper premium. Another prong in the attack is to persuade the authorities that chip theft is a serious problem. One US state official said: The FBI are very good investigators. But they are infected with topicality. We couldn’t get them to do anything in the early 1990s – it was all drugs. Now they’ve become interested and they’re doing a lot. But the police could do more. Agent Bernes, part of the FBI’s chip theft team, notes: Every cop in the US knows what coke looks like. How many know what a chip looks like… or what a stolen chip looks like? In particular, many victims believe that, as with the battle against drugs, the police need to tackle the demand more – which means more operations against brokers. The community of brokers is ready, willing and able to buy stolen chips, says Barry. Just about every legitimate broker can name other brokers who they believe buy stolen chips. This leads to the biggest problem of all: proving that stolen chips are stolen. SIMMS, in particular, and increasingly flash memory, may change hands many times in a short space of time, so their source quickly becomes unknown. The main focus of any prevention campaign, therefore, must be to provide an audit trail. So far, this has proved difficult for cost and logistics reasons, not technical reasons. The technology to tag every individual chip already exists, with improved and cheaper methods becoming available. And recently, JAG, the FBI and several computer companies agreed to back a campaign to mark chips and store the details in a database run by the Canadian software company Asset Software International. But this initiative is limited in that it requires the end-user owners to send in the details and, in any case, the numbers can be easily removed from the outside of the chip.
LIMITED IMPACT
For the moment, such initiatives are bound to have a limited impact at best, for several reasons. First, there is the cost; if it is done at source, in high-volume manufacturing sites, the cost of tagging each chip may be reduced to a few dollars, even a few cents. But Taiwanese and Korean memory chip suppliers may not want to inhibit the operation of the spot market, or add to their costs. So the tagging of chips will most likely be carried out piecemeal. Also, even if the costs are brought down, the problem of ensuring that the data is available to police across the world still remains. This would involve building an accessible database of possibly millions of parts, dating back several years. This database would have to track ownership changes which can occur several times in a day. And there would have to be at least one database known to, and easily accessible by, police forces everywhere. At present there are many private databases. Does this mean that memory chip theft will continue to worsen? The answer is no. While universal tagging is almost certainly doomed, less ambitious steps – such as the increasing scrutiny by the police of the broker community – will have some effect. The good news is that it is a totally practical crime. If we raise the temperature, they [the thieves] will move on, says Barry. But the clearest disincentive of all to the chip thieves is economic. As memory prices fall, and the cost and risk of overcoming increased security rises, then profit margins will be squeezed. In spite of all the headlines, chip crime is a business that has already peaked.
SECURITY MEASURES: RAZOR WIRE, SMOKE BOMBS AND TILT SWITCHES
Razor-wire, electric fences, infrared security cameras and smoke bombs are usually associated with top-secret military installations, or gold bullion warehouses. But not only is such protection becoming a familiar sight at companies making, storing or selling memory chips, corporate computer users are being urged by insurers and crime prevention specialists to deploy more effective security. The security industry has obliged by developing technologies which they claim will reduce or prevent chip theft. The question is, do they work, and if they do, are they worth installing? Much of the technical effort to make chips more secure has gone into tagging but insurers seem to favor a low-tech approach. Dozens of companies are offering various types of desktop bolts or encasement units, most of which simply force a thief to spend time breaking through locked cases before they can get at the chips. Police say it is a waste of time tagging or marking chips… an audit trail doesn’t prevent the initial crime, says John Randall, head of equipment supplier Game Over. While the use of steel cases and spigots has amused many in the high technology industry, it has the approval of several organizations, including the Loss Prevention Council, an insurance company-funded body which assesses security equipment. A bonus is that the boxes are sometimes fireproof. A high-tech equivalent comes from Israeli-owned security specialist, Carephone. All the best security products are coming out of Israel at the moment, says Arik Ofir, who invent ed an alarm based on a cordless phone, which was originally designed to monitor patients with heart complaints. The device remains dormant inside a PC until the case is removed, when it is triggered using a tilt-switch and a light-dependent resistor . It immediately calls a security control room, informing it that the computer has been opened. The device has a microphone, and if a password is heard, no action is taken, but if no password is given, says Carephone managing director A Regev, the dogs are sent in. He says his is the only device that keeps the office attractive and not looking like a prison.Insurance organizations are interested in other technical solutions. Apart from funding initiatives to develop effective tagging systems, they are pressing the suppliers to introduce personalized chips, so that a chip will only work with one particular motherboard. This solution has attracted some support from big chip makers such as Intel, which has its own economic reasons for closely integrating chips with the motherboard. But most memory chip manufacturers, and many PC suppliers, feel this might give Intel too much power. Another solution – which many will regard as a retrograde step – is the ‘No PC PC’, a system where all the processor motherboards, with memory, are stored centrally and securely – rather like a multiprocessor minicomputer. Each desktop PC looks like a PC, but only has a network card, keyboard and mouse controls. Police and big corporations say both the low-tech and the high-tech devices have two big drawbacks. First, the cost of installing them on a company-wide basis – even at $50 a time – is too great for many companies; and second, staff do not necessarily follow the correct procedures.
PLAYING TAG: SMART WATER, FINGERPRINTS AND DNA
Most of the time, says an FBI law enforcement officer, when we catch the brain-donors [police slang for thieves], loaded up with equipment, we have to give it back to them. His frustrations are echoed by authorities around the world. The head of an insurance organization says: Buying chips is like buying grain – you don’t know what is a second-hand chip or a new chip. The obvious solution is to tag the chips, so their origin and ownership can be quickly established. But while this is feasible, the practical hurdles will prevent it playing a significant role for many years.There are several ways of tagging the chips, which is the easy part. A small company called Kode-IT has teamed up with university material science engineers to develop a strong bonding resin for attaching a unique serial number to a memory chip. If the tag is removed, it damages the chip. The serial numbers are stored by Kode-IT in a database that can be accessed by authorities. The method has some support from the police, but there are problems. For example, if the chips are recovered in a remote country, the authorities may not know of Kode-IT’s database. The same applies if the equipment is sold to new owners. Moreover, Kode-IT cannot guarantee to maintain the database entries indefinitely – it requires a yearly maintenance fee. Another worry: IBM is researching claims that such devices may affect the heat dissipation and therefore the life or performance of the processor, though to date it ha s found no problems. Another small company, IndSol, has developed ‘Smart Water’. This is a clear, water-like solution that contains a unique genetic coding. The water can be painted onto chips, whole subsystems, or added to a company’s sprinkler syst em. The substance is invisible to the human eye, but glows under ultra-violet light. Under close examination, the chemical can be analyzed and the equipment tracked back to a particular owner. Moreover, it can stay on skin or clothes for months or longer. Ideally, the police would like to be able to go back to a manufacturer and find out exactly where any chip originated. At present, many of the major chip and PC suppliers – including Intel, IBM and AMD – give all their components ID numbers during the manufacturing process, usually laser etched on. But this can be removed easily, and in any case the data is not necessarily stored for long-term use, or it may only identify a chip as part of a large batch. Two promising methods of tagging chips are emerging. First, IBM Microelectronics is using radio frequency identifiers (RFID) to track chips as they move through the production line. The radio signal emitters are designed into the circuitry at the outset and can never be removed. Most importantly, says an IBM spokesman, the cost is just a few cents per chip. Another approach comes from a small Scottish company Memory Corp, one of only two companies in the world to have developed a technology for building SIMMS strips from damaged memory chips. It has developed a way of analyzing the faulty circuitry on each chip. Because every chip has a different pattern of faults, says Memory Corp managing director Cameron McColl, the pattern it finds is effectively a fingerprint of that chip. Not only can Memory Corp take any chip and identify its source, but it can also provide the technology for other manufacturers to do the same.