Md. firm's deal with Israelis analyzed

Sourcefire software sale probed by U.S.


It might seem bizarre that a federal panel approved the Dubai ports deal without dissent and then decided three weeks later to do a rare, full-blown investigation into a Columbia software firm's sale to a company from Israel, one of America's closest allies.

But this is precisely the sort of high-tech case that historically has prompted the most scrutiny from the Committee on Foreign Investment in the United States, supporters and critics agreed. Columbia-based Sourcefire Inc.'s software protects against hacker attacks, and it's used not only by corporations but also by highly secretive government agencies - though sources close to the acquirer said it's the same software in both cases.

The FBI opposes Sourcefire's $225 million sale to Israeli-based Check Point Software Technologies Ltd. - or any foreign firm, for that matter - because the agency fears that would give away the keys to the government's most sensitive computer networks, a government source said yesterday.

FOR THE RECORD - An article in yesterday's editions of The Sun about Sourcefire Inc. incorrectly reported revenue information estimated by America's Growth Capital analyst Jeffrey W. Englander. He said that about 10 percent of Sourcefire's revenue comes from the federal government, nearly half of which is from classified installations.
The Sun regrets the error.

"Once the foreign-owned company has it, they can sell it," said the federal law enforcement official, who spoke on the condition of anonymity because the government's deliberation process is secret.

The concerns over Sourcefire's sale appear to be more about the technology rather than the location of the buyer's headquarters, though Israel and the United States have been at odds over Israeli defense technology sales and U.S. fears of Israeli spying.

Sourcefire manages an intrusion-prevention system called Snort that has open source technology - meaning anyone can look at the underlying code and see if there's anything wrong with it, a sort of cooperative quality check. Sourcefire also sells network discovery and remediation software that works with Snort to improve anti-hacking efforts.

Blocking hackers

Protection against hackers is an increasingly critical part of national security, not to mention the everyday defense of information in workplaces and homes. The companies that provide it are in a position to do a lot of good - or harm.

"Anyone who uses a computer knows that, even if they're an expert, they still have to place a lot of trust in their hardware and their software," said Alan T. Sherman, an information assurance expert at the University of Maryland, Baltimore County, who added that "information warfare" is likely. "It's easy to hide malicious [software] code. Sometimes it just takes a few lines of malicious code to subvert a system."

About 10 percent of Sourcefire's business is "federal government classified," said Jeffrey W. Englander, a senior analyst at America's Growth Capital in Boston. That likely includes the National Security Agency, he said - its headquarters is several miles from Sourcefire's.

But two sources close to Check Point, who insisted on anonymity because of the secrecy of the investigation, said that despite its customer base, Sourcefire has no classified contracts or employees with government security clearances.

"The government's using just the off-the-shelf product," one of the sources said.

Check Point shows no signs that it is preparing to bow out, as some acquirers have done rather than go through an investigation by the panel, known as CFIUS. The company declined to comment yesterday but has said that it and Sourcefire are committed to working cooperatively with the committee during the investigation. Sourcefire did not return calls.

CFIUS is charged with ensuring that foreign takeovers of U.S. companies or assets don't endanger national security. It has representatives from 12 government bodies and is chaired by the Treasury Department. It can forward problematic deals to the president, who has the power to stop them - though such a block has happened only once, in 1990.

The secretive panel is under fire for signing off on Dubai Ports World's plans to assume some operations at six U.S. ports, including Baltimore's. Congressional critics were outraged that the acquisition of a British company by a government-owned United Arab Emirates corporation went through the normal 30-day review but not an additional 45-day "investigation."

That's not unusual. Of its approximately 1,600 cases, the committee had until recently investigated 25, the Treasury Department said.

Only now that Congress is inflamed about the Dubai deal is CFIUS poised to go through the rare 45-day investigation on that proposal - and only because the company volunteered. But it took no prompting from angry politicians for CFIUS to give the Sourcefire deal the third degree. It started investigating about three weeks ago, before the firestorm erupted over Dubai Ports World. Treasury would not comment on the case, and the Defense Department, one of the panel's members, would not say whether it recommended the full investigation.

Cold War outlook

Baltimore Sun Articles
Please note the green-lined linked article text has been applied commercially without any involvement from our newsroom editors, reporters or any other editorial staff.