Dubai probe draws attention to software deal

Administration ready to OK ports deal, intends to investigate Israeli software firm.

seattle port 298.88 (photo credit: AP)
seattle port 298.88
(photo credit: AP)
The same Bush administration review panel that approved a ports deal involving the United Arab Emirates has notified a leading Israeli software company that it faces a rare, full-blown investigation over its plans to buy a smaller rival. The company was told US officials feared the transaction could endanger some of government's most sensitive computer systems. The objections by the FBI and Pentagon were partly over specialized intrusion detection software known as "Snort," which guards some classified US military and intelligence computers. Snort's author is a senior executive at Sourcefire Inc., which would be sold to publicly traded Check Point Software Technologies Ltd. in Ramat Gan, Israel. Sourcefire is based in Columbia, Maryland. The contrast between the administration's handling of the $6.8 billion (€5.69 billion) Dubai ports deal and the Israeli company's $225 (€188.22) million technology purchase offers an uncommon glimpse into the US government's choices to permit some deals but raise deep security concerns over others. Senate hearings over the ports deal were expected to continue Thursday. The ongoing 45-day investigation into the Israeli deal is only the 26th of its type conducted among 1,600 business transactions reviewed by the Committee on Foreign Investments in the United States. The panel, facing criticism by US Congress about its scrutiny of the ports deal, judges the security risks of foreign companies buying or investing in American industry. In private meetings between the panel and Check Point, officials from the FBI and US Defense Department objected forcefully to permitting any foreign company to acquire some sensitive Sourcefire technology for preventing hacker break-ins and monitoring data traffic, an executive familiar with the discussions told The Associated Press. This executive spoke on condition of anonymity because government negotiations are supposed to remain confidential. Under the sale, publicly announced Oct. 6, Check Point would own all Sourcefire's patents, source-code blueprints for its software and the expertise of employees. William Reinsch, a former senior US official who participated in reviews under former President Bill Clinton, said the Israeli sale involves more dire security issues than the administration's recent approval for a Dubai-owned company to take over significant operations at six major American ports. "This raises a lot more important issues," said Reinsch, a former Commerce Department undersecretary. "The most important case is where we're making an irrevocable technology transfer to a foreign party. Port operations raise security issues, but the ports are still in the United States." The review panel privately notified Check Point on Feb. 6 it intended to fully investigate the transaction's security risks, the executive said. That was days before the furor erupted over the Dubai ports deal. Check Point disclosed the news to investors Feb. 13, but the announcement drew little attention despite escalating scrutiny and interest in Washington over such reviews. The same panel had approved the ports deal Jan. 17 after a routine, 30-day review. In a highly unusual move, UAE-based Dubai Ports World offered earlier this week to submit to a broader 45-day investigation to avert an impending political showdown between President George W. Bush and Congress. That formal investigation has not yet started. Check Point and Sourcefire declined to comment. Officials at the Defense Department, FBI and Justice Department also declined to comment. A spokesman for the Treasury Department, which manages the review panel, declined to discuss details of the Check Point matter. Under the committee's rules, it launches full investigations when officials were unable to resolve concerns after a routine, 30-day review. "Each case is different. Each has its own unique factors, entirely based on the merits of the company's case," said Tony Fratto, the Treasury Department's press secretary. "If people have outstanding objections, it would go to the investigation stage." Sourcefire's protection and monitoring technology builds on the popularity of Snort, which was created by its chief technology officer and is distributed free. Unlike Sourcefire's commercial products, Snort's blueprints are open for inspection to assure it works as advertised. This makes it popular inside the US intelligence community, even alongside more mainstream security products from Cisco Systems Inc. or Juniper Networks Inc. Still, Sourcefire earned about 10 percent of its estimated $35 million (€29.28 million) in revenues last year guarding classified US computers, according to Jeffrey W. Englander, a software security analyst at Boston-based America's Growth Capital, a boutique investment bank and research firm. Englander predicted Check Point would agree to abandon Sourcefire's business inside classified government agencies rather than cancel the deal, if the government demands it. He dismissed the government's concern the sale may threaten US security. "I don't think it has a tremendous amount of weight," Englander said. "I'm not good with conspiracy theories."