http://www.techweb.com/se/directlink.cgi?WIR1997051912

Criminal Information On The Wires
By Douglas Hayward

A Russian criminal gang breaks into a bank undetected after immobilizing the alarm system with a blast of electromagnetic energy. Hundreds of miles away in Holland, a criminal mastermind keeps one step ahead of the police by bugging and deciphering even their most secret communications.

These two events, though far apart, are part of the same frightening phenomenon: the growing use by criminals of sophisticated information warfare (IW) techniques and technologies borrowed from the military and security services.

Information warfare is the art of monitoring or attacking your enemy's communications and information networks. IW techniques range from overt physical attacks aimed at damaging or destroying communications and computer networks to covert "virtual" attacks -- such as tapping communications or hacking computer files -- which rely for their effect on being undetected. Information warfare also includes elements of propaganda and psychological operations, such as jamming enemy broadcasts and replacing the content with your messages.

Show Me The Money = Show Me The Crime

IW used to be a technique used by generals and spies, but now it's something happening on the streets in any town.

"A great part of IW now takes place in the field of computer-related crime," says Captain Freddy Gevaert of the Belgian national police, the Gendarmerie. "We have gone beyond the world of tangible goods and stepped into a virtual world where data is knowledge, knowledge is power, and power is money. And where you find money, you find criminal organizations."

Most business organizations have become totally dependent on their IS and communications networks. If you can raid the computer files of a bank with impunity, you can steal money electronically, which happened to the Citicorp bank in 1995, when a Russian criminal hacker group illegally transferred an estimated $12 million.
Russian criminal gangs have also used IW hardware devices -- such as electromagnetic pulse guns that knock out communications systems using intense energy bursts -- to immobilize banks' alarm systems.

A recent criminal investigation in Holland showed how criminal gangs are using IW techniques not just to attack commercial targets, but also to harass and outmaneuver police and judicial agencies.

Too Advanced To Follow

"In the early 1990s, we found ourselves dealing with an opponent who was technologically ahead of us and who was therefore very difficult to follow," says Piet Kruijer, a chief inspector in the Amsterdam police. "We discovered that information warfare can be used against the police force and civil authorities as well as against industry and military organizations."

Kruijer's opponent was an Amsterdam gangland boss, Charles Zwolsman, who created a sophisticated counter-intelligence organization, backed by impressive hardware and software technology, to destabilize the police investigation into his operations.

Zwolsman's private intelligence agency, dubbed the "Service Department" by Kruijer, operated as five separate groups, or "cells." As with military or terrorist groups, each cell worked independently and only communicated with others when necessary.

A group calling itself the "counter-observation team" (COT) shadowed police personnel and passed on intelligence -- including home addresses and license plates of police personnel -- to Zwolsman. A second group of wiretapping experts -- dubbed the "scanner freaks" -- developed and installed wiretapping equipment, with the help of people within the Dutch telephone company and local universities. Two separate groups of hackers -- one politically motivated and another more criminally oriented -- monitored police IS and communication systems.

"These groups succeeded in cracking the analog encryption used by many Dutch government services," Kruijer says. "They could decode our conversations within three days of interception."

A fifth group, known as the "technical criminals," developed the IS and communications infrastructure supporting the others. This group also recorded and analyzed all pager messages sent by the Dutch police, 24 hours a day, using bespoke hardware and software.

Psychological Warfare Against Police

Using the inside information acquired from monitoring police communications, Zwolsman kept one step ahead of the Amsterdam police for months on end. But he also waged a destabilizing psychological war against Kruijer's people, using information gathered by the COT and the wiretapping units.

"We discovered that our communications were being tapped, computers and files were disappearing, attempted burglaries were made on houses of investigating officers, and our people were subjected to threats and blackmail attempts," Kruijer says. Transcripts of conversations embarrassing to the police and the judiciary were also leaked to journalists, he adds.

Zwolsman was only defeated after Kruijer identified and pursued key members of the service department during an 11-month period, ending with a wave of house searches and arrests in September 1995. Zwolsman and several associates were convicted, and the organization was broken -- at least temporarily.

The experience taught Kruijer two lessons: that criminals are building technological infrastructures potentially more powerful than those used by the police; and that the authorities must change the way they operate.

"Since the Zwolsman case, we've managed to raise the awareness of this sort of problem within our organization, but we are always going to have people within the police who underestimate the problem," Kruijer told a recent conference organized by the National Computer Security Association.

Keeping Abreast Of Criminal Activities

One way to protect police against IW attacks is to bring IS expertise into the investigating team itself.
This is a move considered radical by some police traditionalists, because it involves IS personnel crossing the boundary between "operational" and "administrative" duties. But Kruijer says it's necessary if the police are going to keep abreast of technology-literate criminals.

"It is important that technical experts become part of the investigating team, and that they can develop techniques to help the investigation," Kruijer says. "We have got to work on our techniques and make them more creative, and we've got to change the mentality of our organization."

Is the Zwolsman case an isolated incident? Kruijer and his colleagues believe not, and they're probably right. The tools and techniques used by Zwolsman's service department are universally available. Even some of the detailed raw information needed by criminals is up on the Net. For example, political groups sympathetic to the Irish Republican Army have posted extremely detailed information about the Northern Irish police force on easily accessible Web pages.

The Dutch police are now moving to a digital voice network, which is harder for criminals to crack. But the challenge for them and for other forces will be to keep one step ahead of criminals who are increasingly technologically sophisticated.