While U.S. producers of web security and data storage systems deny providing products to Syria—which is using their products to monitor its citizens—the U.S. government is investigating how the equipment and software made it to Syria, and if the manufacturers knowingly sold the products to that regime.
The U.S. Commerce Department is investigating whether technology produced by the California based companies Blue Coat Systems and NetApp helped Syrian authorities monitor dissidents during the crackdown on protestors, according to a story in The Washington Post. Hundreds of Syrians—protestors and security forces alike—are reported to have been killed in the fighting, causing Syria’s Middle East neighbors to call for the Syrian government to end the crackdown before it turns into civil war.
In the meantime, U.S. officials are attempting to determine whether Blue Coat Systems had prior knowledge that its products were being used by Syria—which the U.S. State Department lists as an authoritarian regime that has ruled by martial law since 1963—in defiance of a ban on the sale of such products to the Syrians.
In a message posted in its website, Blue Coat Systems says while it did not sell equipment or software to the Syrian government, its products are being used there and could have been obtained through a third party.
“Blue Coat has become aware that certain Blue Coat ProxySG Web security appliances apparently were transferred illegally to Syria after being lawfully sold to a channel distribution partner for a seemingly appropriate designated end user,” the statement says. “Blue Coat does not sell to countries embargoed by the U.S., and does not allow its partners to sell to embargoed countries.”
Blue Coat says it became awareness of the presence of the ProxySG appliances in Syria by reviewing online posts made by so-called “hacktivists” that contained logs of internet usage which appear to be generated by ProxySG appliances. The “logs” were obtained by hacking into one or more unsecured third-party servers where the log files were exported and stored.
In addition, Blue Coat says it “verified that the logs likely were generated by ProxySG appliances and that these appliances have IP addresses generally assigned to Syria.” The company adds it does “not know who is using the appliances or exactly how they are being used. We currently are conducting an internal review and also are working directly with appropriate government agencies to provide information on this unlawful diversion.”
A statement on the NetApp website says it “does not condone the location or use of its products in Syria.” The company also says it employs “comprehensive policies, procedures, and systems to ensure compliance with U.S. export control and economic sanction laws and regulations.”
Like Blue Coat, NetApp says the Syrian government is using the company’s data storage product despite efforts by NetApp to keep its products from embargoed regimes. If the “controls” it uses to prevent its products from being exported to banned countries “were improperly circumvented without our knowledge, we condemn the use of our storage by the Syrian government to repress its own people,” NetApp says. “We treat this with the utmost seriousness, and are engaged in a vigorous effort to determine the true facts,” says the company, which adds they are assisting with the U.S. investigation.