Subscribe

Cyber cops crack down on cybercrime

By Laurika Bretherton, ITWeb Chicago-based correspondent
Chicago, 29 Mar 2000

The Federal Bureau of Investigation (FBI) sees cybercrime as one of the fastest evolving areas of criminal behaviour. And it has the numbers to prove it.

Together with the Computer Security Institute in San Francisco, the results of the fifth annual survey of computer crime and security were released on Wednesday, 22 March. It showed that among 640 organisations polled, the total verifiable losses in 1999 more than doubled, reaching $265 million, and over 90% of the respondents reported some form of security breach.

At least 74% of the respondents reported more serious security breaches, such as information theft, financial fraud, system penetration by outsiders, data or network sabotage, or denial of service attacks designed to disable Web sites.

The problem

Cybercrime varies from simple hacking to serious intrusions by professional criminals seeking financial gain, according to a recent statement made by Louis J Freeh, FBI director of cybercrime, before a US Senate committee.

He highlighted the Phonemasters as an example of a criminal group. "The Phonemasters was an international group that penetrated the computer systems of MCI, Sprint, AT&T and Equifax. Calvin Cantrell downloaded thousands of Sprint calling card numbers, which he sold to a Canadian individual, who passed them on to someone in Ohio. These numbers made their way to an individual in Switzerland and eventually ended up in the hands of organised crime groups in Italy.

"The Phonemasters` methods included 'dumpster diving` to gather old phone books and technical manuals for systems. They then used this information to trick employees into giving their logon and password information. The group then used this information to break into victims` systems."

Freeh points out that often cybercrimes are facilitated by old-fashioned guile, such as calling employees and tricking them into giving up passwords. Computers and networks are not just being used to commit new crimes; they also facilitate traditional criminal behaviour such as extortion threats and child pornography.

The use of computers in crime has also introduced a unique challenge. How to identify the intruder has become the million-dollar question. Freeh asks: "Who is attacking your system, why, how and from where?" This difficultly stems from the ease with which individuals can hide or disguise their tracks by manipulating logs and directing their attacks through networks in many countries before hitting their ultimate target.

Then there are the countless human and technology issues. Having enough well-trained staff is a never-ending quest.

Finding solutions

These challenges are obviously placing increased pressure on law enforcement agencies worldwide and Freeh highlights some solutions. He points out that countries will have to work together to solve international cybercrime. The FBI is currently holding national computer crime conferences with foreign law enforcement officials and training classes are also being held for partner nations.

Another critical partner in this crime web is the private sector. Freeh says this is the case for several reasons. Firstly, most of the victims are private companies. Secondly, network administrators at the victim companies are critical to the success of an investigation, because of their unique knowledge of the system. Thirdly, the private sector has the technical expertise that is often critical in resolving an investigation. "It is impossible for us to retain experts in every possible operating system or network configuration," says Freeh.

An example of where government, education, industry and law enforcement got together to tackle this problem is a new computer laboratory that was recently opened at the College of DuPage in Illinois.

The lab will be used to educate law enforcement officers in methods of prevention, detection and prosecution of cybercrimes. One of the courses, entitled "Computer Crime Investigation," will teach how to detect crimes, how to properly handle evidence and how to present it in court for the greatest likelihood of conviction. As part of the course, students witness actual felonies as they occur and begin the process of apprehending the suspect.

Detective Mike Sullivan of the Naperville Police Department in Illinois says: "This is probably the only academy in the US with a lab dedicated to teaching the prevention and prosecution of Internet crimes."

The Computer Crimes Lab was provided by a $250 000 donation from Microsoft and Omni Tech Corporation. The aim is to serve as a model for similar training programmes around the US.

Sullivan, who has taught the Computer Crimes Investigation course for the past two years, sums up the situation: "At the turn of the century, criminals moved from horses to cars and the police had to learn to use the new technology. Then in the 1940s criminals started using telephones to commit crimes and the police had to adapt again. Now computers are the tools of modern-day criminals and police officers need to become just as skilled at using this technology as the criminals - if not more so."

Share