SAN DIEGO -- OFC/NFOEC -- The business of counterfeit optical modules has gotten serious enough to spur multiple law-enforcement raids, vendors insist.

According to Avago Technologies Pte. and Finisar Corp. (Nasdaq: FNSR), the two biggest suppliers of datacom optical modules, the seizures have involved transceivers falsely labeled as being from their companies, or from Cisco Systems Inc. (Nasdaq: CSCO).

"We've actually been to customs seizures of transceivers," says Dave D'Andrea, director of marketing for Avago's fiber optic products division. "I thought it was a joke the first time I heard it, but it's true, to the tune of millions of dollars of lost revenues for us."

Just today, the Royal Canadian Mounted Police (RCMP) announced the seizure of $2 million in counterfeit Cisco components, although the release didn't specify whether it was for the capture of optical modules.

While the problem isn't confined to Cisco, that company's situation illustrates the situation particularly well.

Cisco's routers and switches will only accept Cisco's own optical modules. The modules themselves aren't special -- in fact, Cisco just buys them from vendors including Avago and Finisar -- but they've got identifying data stored in a tiny memory chip. If the router doesn't find that identifier, it triggers an error. (See Use Our Optics, or Else!)

Cisco has described the practice as a quality-control mechanism, but some users are skeptical. It doesn't help that the company apprears to be raking in big bucks with its optics sales. (See Cisco's Secret Franchise.)

It's a bit like ink cartridges for printers: HP Inc. (NYSE: HPQ) wanted consumers to buy its own refills, but a clone industry managed to spring up and to survive legal threats.

What's different in optics? Reportedly, the raided parties were slapping phony labels on their goods. Combined with Cisco's optics practices, you've got fraudulently labeled parts that might not work at all.

"In 2007, there were some instances where major financial institutions, particularly in Asia, suffered some outages," says Jerry Rawls, CEO of Finisar. The source, it turned out, was falsely labeled modules.

Counterfeit Cisco optics have been available for some time. Andrew Schmitt of Nyquist Capital , who's been tracking the Cisco optics situation, notes that supposedly Cisco-friendly optics are available all over eBay, from two-bit operators selling faked modules in small quantities.

And Cisco is no stranger to having its products faked. The company even has a brand protection team that's on the lookout for bogus "Cisco" products.

"Counterfeiters tend to target high-volume products that are fairly easy to replicate, so modules would definitely fall under that category," a Cisco spokesman says.

Cisco wouldn't give Light Reading any estimates on how big the problem might be, although the spokesman says hundreds of millions of dollars are lost to counterfeiting across the high-tech industry in general. The problem definitely goes beyond millions of dollars, judging from the RCMP release. "Exactly how big this iceberg is is not clear," Rawls says. "I've heard estimates from Cisco that talk about tens of millions of dollars. We've seen the seizure by customs people of tens of thousands of units -- that was in this country."

For now, the latest safeguard is an encrypted handshake handled by the module's microprocessor. Some of Finisar's customers are incorporating that into their systems now, preventing ports from firing up unless that handshake is completed, Rawls says.

So begins a cycle familiar to those in computer security: New safeguards will be developed, then thwarted, leading to the creation of even newer safeguards. The cycle continues until people lose interest in buying and selling counterfeit optics -- or until optics become truly swappable, obviating the need for fakes.

"There'll be another one. No matter how secure it seems, there'll be some clever guy who figures out how to defeat it," Rawls says.

— Craig Matsumoto, West Coast Editor, Light Reading