| When it comes to crime,
silicon is nearly good as gold. Last Christmas, a gang sliced open the padlock
on a parked big rig north of the 101 freeway in Santa Clara, CA, quickly
loaded the booty onto a nearby truck and drove off into the night. The holiday
payoff: a cool $3 million in Cisco boards. Three weeks later, just before
midnight on Sunday, January 12, a driver left an American Airlines van unattended
near London's Heathrow Airport. Two men stole the van and its princely cargo,
more than $10 million worth of Pentium 4 chips.
Truck hijackings and cargo thefts of chips and components are rife at airports,
freeways and ports around the world. The cases cited above are just a glimpse
of a worldwide epidemic that shows no sign of abating. Just days before the
stunning Heathrow heist, a gang of thieves and fences was sentenced for a
series of U.K. technology thefts that totaled more than $15 million. The
perpetrators of the Cisco and Pentium thefts are still at large, and both
cases are being actively investigated by the authorities.
Swooning semiconductor prices haven't diminished the risk of logistics theft
for major manufacturers. A van or small truck can easily carry $10 million
or more of chips—and provide criminals with millions in profit. Increasingly
adept thieves can disarm sophisticated alarms and GPS tracking devices and
empty a silicon-laden truck in minutes.
Cargo crime threatens efficient logistics, strains critical business
relationships and costs individual companies a few million to tens of millions
of dollars in annual losses. When manufacturers were first blitzed by widespread
component theft in the early 1990s, many responded by "hardening" their
facilities, emphasizing the basics of old-line security, the three Gs: guns,
guards and gates. Today, some companies confronted with high-tech hijackings
and cargo thefts are finding success through the smart use of guards. But
they're also investigating the fourth G: gizmos, an intriguing array of
electronic tracking and alarm and access control systems soon to hit the
market.
Painful losses
It's the perfect crime. Unlike with cocaine or other illicit drugs, possession
of stolen chips isn't illegal on its face. Small, light and often lacking
serial numbers, chips pose an ideal target, the modern equivalent of uncut
diamonds. Indeed, the FBI says many high-tech firms lack the records necessary
to prove that a particular batch of components was stolen. Meanwhile, Internet
auctioneers and gray and black marketers provide a ready global market for
stolen goods.
The industry downturn makes losses even more painful. "With eroding margins,
cargo crime is more visible than it has been in previous decades," says Dan
Purtell, Americas investigations manager for Intel, Santa
Clara, CA. "It comes right off the bottom line." Companies often find themselves
competing against their own merchandise on the black market, further driving
down prices.
Marquee firms have been hit especially hard. Joe Chiaramonte, director of
security for Sun Microsystems, Palo Alto, CA, says that
for a time, his company was the vendor of choice for thieves. "Not only did
we have cargo theft but our customers were getting burglarized too."
No one knows exactly how many billions of dollars' worth of chips and computers
are stolen each year. The National Cargo Security Council estimates that
$15 billion worth of cargo of all kinds is stolen annually—and more
than $50 billion worldwide. "Part of the problem is that companies don't
fully report their losses," says Bonni Tischler, vice president for global
transportation and supply chain security of Pinkerton Consulting &
Investigations, New York, NY. "The cargo theft figures you hear about are
only the tip of the iceberg." The FBI, which compiles detailed statistics
on car thefts and home burglaries, keeps no data on the theft of high-tech
products—even though manufacturers fear that some of the stolen booty
is finding its way to countries on the do-not-export list such as Pakistan,
Iraq and Iran.
In the long run, the Bush administration's war on terrorism may aid in the
fight against cargo crime. Government-sponsored efforts, such as the Customs
Trade Partnership Against Terrorism (C-TPAT), an initiative to improve supply
chain security and certify approved "known" shippers, should eventually tighten
security at airports and ports. But today the reality is that many FBI agents
who formerly fought cargo crime have been reassigned to antiterrorism duty.
Strapped state and local law enforcement agencies, saddled with Homeland
Security duties, are finding it tough to fund cargo crime investigators.
"It's the grand finale to the budget crunch," says Louis Tyska, former chairman
of the National Cargo Security Council in Annapolis, MD. "U.S. attorneys
have been told that fighting cargo crime is no longer a priority."
Last summer, one of the nation's premier cargo crime-fighting squads, the
Los Angeles County Sheriff's Cargo Criminal Apprehension Team (nicknamed
Cargo Cats), was disbanded, because of a budget crunch, leaving the nation's
largest port, the one encompassing Los Angeles and Long Beach, vulnerable.
A vigorous campaign by the transportation and insurance industries raised
enough funding to bring back the Cargo Cats for a year—albeit with a
team of seven instead of 11 or more. "During the three- or four-month hiatus,
the crooks knew we were gone," says Detective Duane Decker, currently
investigating a mid-February theft of $1.5 million worth of laptop computers
from a trailer near Long Beach. "It's gotten way, way out of control."
Nationally there are signs that some drug traffickers—squeezed by tighter
post 9/11 border security—are switching to high-tech cargo theft. "It's
a high-gain, low-risk criminal enterprise," says Barry Brandman, president
of Danbee Investigations, in Midland Park, NJ. "New organized-crime groups
are specializing in logistics theft." Investigators and insurance underwriters
say that Latin Americans, often dubbed "South Americans," pull many of the
thefts but that Russian mobsters are muscling in (Koreans and Chinese continue
to dominate the fencing). Ports in south Florida, Los Angeles and New Jersey,
say law enforcement experts, continue to be trouble spots.
Increased losses from high-tech-chip theft are making security a central
component of supply chain logistics. Some underwriters refuse to insure valuable
high-tech cargo, especially in problematic areas. But even when insured,
the victim firm loses. Deductibles are often $100,000 or more, and thefts
have a ripple effect. Intel, for example, sponsored a Rand study that found
that the indirect cost of a major theft is two to five times the actual loss.
And valuable business relationships can be damaged when deliveries are
interrupted by thefts.
Holistic approach
Although the traditional three Gs are still fundamental, several promising
technologies—from pagerlike pallet-tracking devices to GPS systems and
biometrically controlled ignition systems—may soon play a role in securing
cargo. But experts advise a cautious, holistic approach. The bulk of the
new technologies are still in beta or have yet to be fully proven in the
marketplace. Many companies hire consulting firms such as Pinkerton to develop
risk profiles and determine vulnerabilities in the supply chain. They then
put detailed new policies and procedures in place that may include antitheft
technologies. Some firms claim to have reduced individual corporate losses
more than 90%, preventing tens of millions of dollars in annual losses. But
experts say good security nearly always balances risk with economics. It's
not a one-size-fits-all situation.
Indeed. Sun Microsystems fired back at thieves who were robbing the firm
of millions in Europe with a combination of low- and high-tech measures.
About a year and a half ago, Chiaramonte initiated escorts for high-value
Sun trailers. He says he purposely broadcast the policy shift to the drivers,
the warehouse and manufacturing. To date, says Chiaramonte, the escorted
trailers have suffered "zero losses."
"During the
three-or four-month hiatus, the crooks knew we were gone.
It's gotten way, way out of control."
—Detective Duane
Decker, Port of Los Angeles
Escorts do seem to have deterred hijackers. Other security directors concur
on the value of the technique. "There are certain markets where escorts are
silver bullets," notes Intel's Purtell. "It's enough." But in Latin America
and parts of Asia, officials note, large gun-toting gangs have successfully
snatched even well-guarded shipments. Mark Carlson, vice president of Latin
America for Pinkerton in Mexico City, says the best protection against hijackings
in Mexico and Brazil—where some manufacturers lose as much as 10% of
finished product—is better control of shipping manifests. Major high-tech
hijacks are nearly always inside jobs. "We look to see where clients may
have slippage in their information control. We're in there looking for where
the break is. Is it internal? Is it external?"
Securing the supply
chain
Firms seeking to enhance security might consider joining the Technology Asset
Protection Association (TAPA), a group that has become a leading force in
improving supply chain security worldwide. Launched six years ago with just
30 member companies, it saw its membership surge by 40 percent last year
to include some 500 mostly high-tech firms (pharmaceutical firms were recently
admitted as well). TAPA certifies whether firms are following good supply
chain security practices. Two major underwriters recently agreed to provide
insurance discounts for TAPA-certified firms.
Perhaps the most basic security step a high-tech firm can take is to reevaluate
its carriers. In the wake of September 11, the distributor
Avnet, Chandler, AZ, set down rigorous new security standards,
giving the pink slip to more than a hundred regional and local carriers.
Today, the 11 remaining carriers that transport nearly 10,000 Avnet shipments
daily follow strict policies. Drivers must stick to specific routes. Trailer
doors are shut with tamper-proof seals, and trucks must be locked whenever
the driver leaves the cab. Large shipments go only on GPS-equipped trucks
and sometimes require two drivers. Avnet has also eliminated some old methods
that helped crooks identify targets. Now everything ships in a plain-vanilla
box with a packing slip that gives no clues as to the contents. "It doesn't
say Intel, Sun or Toshiba," says Jim Smith, a senior VP at Avnet. "It looks
like another common, ordinary box."
Which carriers excel at protecting high-value tech shipments is a constantly
evolving, closely guarded secret. "Using FedEx and UPS may not be the most
secure method, compared to shipping with a motor carrier that has expertise
in the transportation of high-tech goods," asserts Rich Soja, global marine
manager for Chubb, a Warren, NJ, insurance firm. Chubb shares its short list
of preferred carriers with clients and helps companies implement various
risk reduction strategies, such as breaking major shipments into sub-$5 million
chunks.
Prompt notification of the relevant authorities is key to recovering stolen
chips and components (investigations in Europe and other foreign countries
are often hampered by multiple local and national jurisdictions). Throughout
the United States, port-based Cargo Cat squads or high-tech crime squads
are the place to start. The Los Angeles Sheriff's Cargo Cats, for instance,
recommends faxing a loss claim form to its offices to speed the opening of
an investigation. Prosecution is another matter. It's not easy to prove that
a given pallet of chips is stolen. "In case after case, we bring product
to firms and think it's easy to tell us whether it's stolen, and they can't
tell us," says Special Agent Manny Alvarez, who heads the Rapid Enforcement
Allied Computer Team (REACT), a multiagency high-tech crime squad based in
San Jose, CA. "Companies often don't have the mechanisms in place to keep
track of products."
Sun is one of the few exceptions. Before, all the firm could say was that
a particular processor board came from a lot of several hundred. Now, the
company's high-end servers have serial numbers and record the purchaser.
Still, many companies don't see the value in marking components or keeping
the detailed records necessary to prove that a specific lot of chips has
been stolen. Although companies encourage aggressive prosecution of chip
theft, they favor a proactive approach—practices and technologies more
likely to prevent thefts.
E-tracking shipments
Companies appear more interested in electronically tagging individual pallets
of products in transit. Purtell is one of many officials interested in a
tracking device that could help him monitor the whereabouts of product throughout
the supply chain. Locate Networks, Seattle, WA, plans to
launch its new SnapTrack Assisted GPS in July. Hidden within a pallet, the
pager-size battery-powered device continuously receives satellite transmissions.
It shoots the transmissions over a terrestrial two-way pager network to Locate's
data center. Latitudes and longitudes are mapped onto a Web site that clients
can access with a password. Clients can preset approved corridors and boundaries
for shipments. If a pallet strays from the prearranged route—say a half-mile
corridor along a particular interstate—alert notifications can go out
to logistics personnel or security directors.
Michael Crowson, Locate Networks' president, says SnapTrack has already been
beta-tested by law enforcement in sting operations. In one case, its use
led to the recovery of several million dollars' worth of consumer goods that
were stolen from a trailer and moved onto a rental truck and then into a
warehouse. "Security experts want to get their hands on it to prevent theft,"
says Crowson. "Others want it for pure logistics and just-in-time inventory."
But the ultimate security value of a device that tracks a pallet, trailer
or truck comes from how quickly news of a possible problem can be investigated.
Simply knowing that a truck or pallet has wandered off course won't necessarily
thwart a theft or recover stolen chips. Tracking technologies are often combined
with service from real-time communications companies, such as Criticom
International, Minneapolis, MN, which monitors GPS and other signals and
alerts law enforcement to thefts in progress. Depending on
the service plan, Criticom receives GPS signals via cellular connections
every 10 minutes or so. Computerized call centers in Los Angeles and Minneapolis
transform that raw longitude and latitude data into street addresses in about
30 seconds. If a driver hits a panic button or a trailer veers off a preset
route, an agent at the call center will attempt to call the driver or establish
contact through the dispatcher. Criticom agents tap into a detailed Public
Safety Answering Point (PSAP) database to promptly phone the relevant local
authorities and assist in locating the stolen vehicle. The firm is investigating
partnerships with several manufacturers of pallet tracking devices.
Evaluating antitheft
technologies
But if securing shipments is quite literally a moving target, so is staying
one step ahead of the thieves. When GPS tracking services were first introduced,
a few years ago, they were heralded as the technical solution to hijacking.
But hijackers quickly learned to take out the antennae with a shotgun blast
or a hammer (a tougher task with transmitters hidden in pallets). Even when
GPS tracking devices manage to continue broadcasting during a hijacking,
it's often too late when authorities arrive at the scene. Indeed, the truck
the Santa Clara Christmas bandits fled in with $3 million worth of Cisco
boards was GPS-equipped and was later found abandoned—and empty. "The
problem with GPS is that although you recover the trailer, everything else
is gone," says Chubb's Soja. "It's a developing technology."
"I get three calls a month from companies
with different bells and whistles. I haven't
seen anything work yet."
—Dan
Purtell, Americas investigations manager for Intel
Tracking systems can also be expensive. GPS hardware generally costs $1,000
to $3,000 a vehicle, with service ranging from a few dollars to $25 or more
a month. Although tracking pallets with Radio Frequency Identification (RFID)
tags has been tested by several firms (including Unisys for high-value servers),
the technology generally provides useful data only on the whereabouts of
product in controlled environments such as ports, airports or corporate
warehouses. Once on the road, shipments are likely to require other protection.
Stand-alone biometric devices may promise an entirely different way of securing
high-tech cargo. Vericom Technologies, Rocklin, CA, aims
to thwart attacks by making it harder to hijack trucks. The firm's biometric
or PIN access devices limit the operation of the truck to the approved driver.
Utilizing "black-wire technology" that makes it difficult to know which wire
to cut, the hidden Vericom device cuts off fuel to the heat pump. The theory
is that hijackers won't be able to start a vehicle or will find that it won't
go over a couple of miles an hour. "The key is to reduce the amount of time
the hijacker has" to escape, says John Bjorn, president of Vericom.
Finally, at least one start-up, Safefreight Technology,
Edmonton, Alberta, Canada, offers an all-in-one security system for trucks
and trailers. Piercing alarms and strobe lights go off when a thief tries
to hijack a truck, move it outside of a preset digital fence, or attempt
to hook up an unauthorized trailer (GPS tracking for trailers is optional).
Officials believe that the ear-shattering alarm and lights will prevent many
break-ins.
But security and logistics directors at major high-tech firms remain a hard
sell when it comes to the new antitheft products. They say they have yet
to see a probable winning solution, let alone a short list of companies to
watch. "I get three calls a month from companies with different bells and
whistles," says Purtell. "I haven't seen anything work yet." Experts say
providers of new technology providers have to battle-test their solutions'
reliability. Brandman of Danbee Investigations says 90% of the new products
and services are still in beta. "Most have not been proved. We are six months
to a year and a half away from having reliable product on the market."
Until then, security directors and law enforcement will do their best on
limited budgets. Officials at Sun, for example, argued that the escorts for
high-value trailers were too expensive. But Chiaramonte won an extension
of his program by doing a study that tracked the substantial losses of other
companies. In comparison, Sun's zero losses after a modest investment in
escorts seemed a bargain.
Fighting theft remains an uphill battle. Sergeant Lloyd Cardone of REACT
says his task force is pursuing leads on the $3 million Cisco theft in Santa
Clara, and the FBI is also trying to solve an $8 million high-tech hijack
last year in Guadalajara, Mexico. Meanwhile, investigators working the Heathrow
incident traced a white Renault van to nearby Feltham, west London. Roughly
$2.5 million in chips were recovered, but about $7.5 million worth are still
missing.
The perpetrators remain at large.
Jonathan Littman is the coauthor of the best-seller the Art of
Innovation and the author of The Fugitive Game.
| Show Me the Money |
| $3 million |
value of Cisco routers stolen in a December 25, 2002, heist
in Santa Clara |
| $10 million |
value of Pentium 4 chips stolen on January 12, 2003, in
Heathrow, England |
| $20 million+ |
value of chips that manufacturers sometimes ship in a single
big rig to distributors |
| $50 billion |
estimated worldwide losses from cargo theft |
|
Katy is very proud of her pair of UPS brown socks. She bugged
the UPS guy continually to bring her a catalog of all the UPS clothes she
could order. Even after weeks of pestering, he never came through with this
alleged catalog. One day, however, he handed her a brand new pair of heavyweight
socks with the gold UPS logo embroidered on the cuff. When she asked how
much she owed him, he replied hastily, “Forget about it,” and sped
away in his square truck. Perhaps they were “hush socks” to stop
her from asking about how she could get a UPS uniform.