Businesses and their security staffs must increasingly become computer-smart. This is the message that Detective Sergeant Bruce Pixley, Supervisor of the High Tech Crimes Unit of the Santa Barbara County Sheriff’s Department , told a joint NCMS/ASIS dinner meeting on November 9, 2000.
“Too often corporate security people do not understand computers thoroughly enough, and they make blunders when investigating suspects’ computers. When they go to the IT or MIS departments for technical assistance, they find experts who do not understand evidentiary chain of custody or the special software needed if cases are to end up in successful criminal prosecution,” he said.
Like most law enforcement agencies, the Sheriff's Department goes not get involved in forensic examination of computers for purely internal matters, like downloading sexually explicit photographs or wasting time on the Internet. However, law enforcement will be glad to assist firms if they expect crimes like fraud, theft, child pornography, etc.
Pixley began his law enforcement career as an Army K-9 unit military policeman. After separating, he joined an area police department, and transitioned to the Sheriff’s Department when his city contracted law enforcement services.
He always enjoyed both computers and law enforcement. He had his first computer 22 years ago with 48 kilobytes of memory (as opposed to 64 or 128 megabytes of memory, which are common today) and a slow acoustic modem. Before the Internet became popular, he ran a Bulletin Board Service from his home.
As computers have become more integral in the everyday lives of people, Pixley’s agency has realized an increasing need for a specialized unit. Cases fall into several broad categories. In some, such as pedophiles that share child pornography images or search for victims on-line, the computer is central to the offense. In other cases, the computer is only peripheral to the crime itself, but helps in building the case. For example, thieves may record their exploits or write e-mail to friends.
The popularity of high speed internet access, such as through cable modems and DSL lines, exposes individuals to risks they had not expected. If a home firewall isn’t used to protect a PC connected to these “always on” services, hackers from anywhere in the world can look through a person’s private affairs. “Have Turbo Tax on your PC?” asked Pixley. “That gives your social security number and tells about your income and taxes. Have Quicken or Microsoft Money? That’s good too. And the hackers take spreadsheets and word processing documents just to see what they can find.”
It is critical that parents become closely involved with their children’s web habits. Pedophiles often seek out children in chat rooms, befriend them, and try to lure them for a visit. Pixley, who taught DARE classes in the schools for three years, often poses as a teenager in an effort to track down suspects.
Getting a high speed connection may pose a temptation for the young, would be hacker. “It takes forever to hack web sites using a 28.8 or 56.6 modem,” Pixley commented. “It’s much more doable with DSL speed.”
Typically a forensic examination begins by making an image of the hard drive in a suspect’s computer. That allows the files to be examined without disturbing the original drive – the evidence. Special software makes searching the drive easy. Graphic images, like JPEGs and GIFs, all begin with standardized headers. The software finds and recovers these images from anywhere on the hard drive – even from “slack space” and unallocated space after they have been deleted – as long as they have not been overwritten.
Pixley recounted one case that began when a woman in Hemet, CA, discovered over $3,000 in fraudulent purchases had been made on a credit card she had recently received. One of the on-line businesses told her the goods had been shipped to Goleta, CA. “Where?” she asked. She did not know anyone there, so she filed a police report, which wound up on Pixley’s desk.
Pixley eventually determined that as many as eight credit cards were being used to order computers and high tech gadgets for the same address. A check with the local high school confirmed that a student lived there. And United Parcel Service had another delivery to be made. A Sheriff's detective, wearing a UPS uniform, made a controlled delivery. As soon as the suspect signed for the items, he was arrested and other deputies with a search warrant began going through his home.
Detectives learned that the suspect had used his computer during several phases of his crimes. First, he downloaded a program that would calculate mathematically correct credit card numbers. Second, he used it to generate the numbers, extrapolating them based on his own valid card. Third, he used the Internet to make purchase of – you guessed it – more computer hardware.
As a juvenile and a first time offender, the hacker got off with restitution and probation.
In another jurisdiction, the parents of a juvenile counterfeiter received an extra financial jolt to their son's criminal sentence. During the search of the juvenile's home, detectives recovered 5 illegal cable television descramble boxes connected to the home televisions. “The cable companies love these cases,” Pixley concluded. “They bring civil suits for $5,000 per box. So while this young man is paying his debt, his family is paying an extra $25,000.”
No comments:
Post a Comment