US sanctions fail to stop Russia connecting with Cisco hardware US sanctions are doing little to stem the flow of controlled technologies, with Cisco network gear still making it to Russia, and Intel CPUs and Nvidia GPUs still on sale in China. According to The Wall Street Journal, nearly a year after Russia's illegal invasion of Ukraine began, Cisco networking equipment not only remains …
Cisco's biggest competition, is their own refurbished "Cisco Refresh – Certified Remanufactured Equipment"
Recalled those days decade+ ago, I hand carried a rather heavy checkpoint firewalls from HK to China, for a very grateful friend. Only to find out that I had earned myself a generous dinner thereafter.
These days with drop ship, e-commerce etc. Heavens knows who the final users are. It's a glass bottle theory - used for a taste of 7-up or a molotov cocktail
Recalled those days decade+ ago, I hand carried a rather heavy checkpoint firewalls from HK to China, for a very grateful friend. Only to find out that I had earned myself a generous dinner thereafter.
There was your mistake. All you needed to take would have been a couple of CDs or the HDs. Or download it during a layover in HK. Or just buy it from Checkpoints HK office or one of their local resellers. But it's been this way for years. An early contract offer I had was to go build an Internet in Syria on behalf of a big German company's 'Special Projects' division. The offer even included compensation should I be caught, arrested, convicted and jailed. I was suprised at just how blatant that approach was, especially given the company knew it was illegal. So I politely declined and reported the approach. But it's pretty common to have contractors acting as couriers because then the employer has some plausible deniability.
But it's one of those areas where vendors could do more, especially given the shift to Cisco-as-a-Service and the need for licence and registration servers. But they'll helpfully tell you how to use proxies or VPNs to permit those. And if the vendor isn't supplying directly to a santioned entity, it's 'clean', and can just book a sale anway.
I think the true gray area here is in the meaning of "illegal". The US makes laws and regulations and likes to apply them globally but many countries don't like to be pushed around so why their political class may be all smiles and cooperation with the US government their rank and file bureaucrats, like any patriots, tend to resent this and so have a tendency to look the other way. Especially if there's some kind of sweetener involved.
It doesn't help that companies like Cisco have been systematically offshoring their operations for a decade or two -- not just manufacturing but development -- so while Cisco might be an American company on paper in practice its anything but. (The boxes the Russians are buying may well be made in Thailand, for example.) Ultimately the US has got to face the fact that it can only exert jurisdiction over its own territory and those of willing governments (e.g. Western Europe for the most part). Everywhere else, who knows?
I think the true gray area here is in the meaning of "illegal".
Often it's not that much of a grey area. But it is an area with a few potential minefields for the unwary, backed by some pretty severe punishments. Ignorance of the law is generally a poor defence, and getting your CEO jailed can be career limiting.
It gets a bit more complicated when there's competing jurisidictions and national legislation. So stuff like Cisco is relatively simple. It's a US corporation governed by US laws, so if the US bans exports to Syria, Ciscos can't be shipped to there. They, and most other vendors have export control sections on their websites listing embargoed or sanctioned countrys. So ok, I'm a UK national with a UK corporation and maybe some Americans on the payroll. Maybe I just buy tin from an authorised (or semi-authorised) reseller in say, Cyprus and they ship it to Syria. Or the end-user collects it. UK also has export controls and sanctions, so I could be prosecuted by both the US and UK authorities.
Attempts to work-around this I've experienced have been to try and protect US nationals by keeping them out of the loop. That might work, it might not, either way if TPTB notice, it could be an awkward and expensive legal event. Or sales helpfully suggesting that if the customer finds a Cisco, can't we just manage it? No, because supply of services is also often covered by sanctions. Plus generally it's also a major PITA to properly manage foreign devices, especially with the shift to Cisco-as-a-Service and support, maintenance etc contracts tied to device IDs. Vendors are very keen to use that to prevent grey markets, or unauthorised (ie unmonetised) tin from being bought off ebay. Or even from bankruptcy auctions*.
So the legal route is to apply for export licences, which would mean from both UK and US, and IMHO, the answer is generally 'No'. That can also get expensive, ie lawyers and can be painful. Like finding the product/service code that applies to the tin you're wanting a licence for. Especially if you're like me and get sidetracked by wondering how some of the stuff on those lists might end up being used in nefarious ways. Which can also get FUN! because there might be stuff in export control lists that might need licences even if the country you're wanting to ship/provide services to isn't one of the usual suspects on the naughty list(s).
It can also get FUN!** with other technology like Checkpoint. They're an Israeli corporation, some countries make it illegal to import Israeli products. Then if you're bidding for a client who insists on Checkpoint but has a location in a country that boycotts it, BDS legislation can kick in. It can be illegal to refuse to offer Israeli tech, even if it's illegal in the country it's destined for. Then it's figuring out if no-bidding might trigger anti-BDS sanctions, or what parts of your anatomy you might lose if you won the bid and delivered it. Advice from counsel on that one was to basically submit a generic boilerplate response tweaked to make sure it looked like we kinda tried to submit a winning bid. Not exactly good business, but the cost of defending any legal issues that could arise would quickly exceed any profit from that deal.
* Also makes life a little more challenging for bean counters. You spend $10m on hardware, but it isn't really an asset because it has virtually no residual value. But then the taxman says you can't depreciate it to zero straight away because taxman says 'No'.
** Yes, I've been playing Dwarf Fortress too much. But managing dwarves can be much less stressful than managing a business and sales force. At least when dwarves start making unreasonable demands, they can be met with 'happy accidents', sometimes involving magma. HR would never let me do that kind of thing.
"The ones famous for security failings and for being backdoored by certain US 3letter agencies?"
According to the media, NSA/CIA bugs Cisco equipment, via hardware or software, by intercepting them before they are delivered to you.
Otherwise those implants would have show up in some reverse-engineering efforts.
I remember reading in 'The Next World War' by James Adams about how around the time of the invasion of Kuwait, the Iraqi government had procured a load of IT equipment for command & control infrastructure. This saw some intervention by the appropriate 3-letter agencies in the states before it was sent on its way. The plan was that when the war really started, then there would be a load of equipment ready to send all the inside information back to the USA.
All went well until the first day of the air war when another intelligence bod got wind of the fact that there was a warehouse full of newly-delivered command & control hardware. The whole lot was destroyed in an air strike before it could be deployed.
Quote: "...US sanctions are doing little to stem the flow of controlled technologies..."
I'm absolutely certain that the nice folk at Fort Meade are ecstatic that the flow of Cisco equipment into "restricted markets" continues apace!!
One message from Washington DC......party time in Fort Meade!!
P.S. Does Tobias Mann write this stuff with a straight face? I think we should be told!!
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
