[ISN] Cops see little hope in controlling computer crime

From: mea culpa (jerichoat_private)
Date: Fri Aug 07 1998 - 00:17:07 PDT

  • Next message: mea culpa: "[ISN] FBI Busts Hacker who Sold Clandestine Accounts on PageNet"

    Forwarded From: rio <rioat_private>
    Cops see little hope in controlling computer crime
    By Rob Lemos, 
    August 6, 1998 10:16 AM PT
    CHICAGO -- Despite making headway combating high-tech criminals, law
    enforcement officials say they remain worried about their ability to
    investigate and prosecute cyber crimes.  Encryption, anonymity, and the
    jurisdictional problems posed by a global Internet are quickly turning
    from small headaches to full-blown migraines for local, state, and federal
    police forces. 
    "It's hard to predict where we will be in 10 years," said Scott Charney,
    chief of the computer crime and intellectual property section of the U.S. 
    Department of Justice. "But there are going to be all sorts of birthing
    pains." Charney gathered here with other computer-savvy law enforcement
    officials to attend an international symposium on criminal justice issues
    at the University of Illinois at Chicago. The symposium focused on
    high-tech crime, cyber-terrorism, and information warfare. 
    Invisible criminals Law enforcement officers say one of their biggest
    challenges paradoxically remains knowing when a crime is committed. 
    According to the General Accounting Office, there were 250,000 attempted
    break-ins at the Department of Defense in 1995. NASA estimates that
    crackers -- hacker criminals -- broke in to over 120,000 of its systems in
    1996. Yet, few of those incidents are detected, much less reported. When
    DOD hackers broke into their own servers in 1996 and 1997, they attacked
    38,000 machines. Only four percent of the incidents were detected. Out of
    that number, only 27 percent of detected break-ins were reported.
    "We will get better," said Doris Gardner, an investigator with the
    National Infrastructure Protection Center, a new federal agency
    established to fight computer crime. "We need to educate -- to work better
    with each other." 
    Pandora's box 
    Yet, even as law enforcement is educating itself on the challenges ahead,
    experts here said cyber-criminals continue to refine their abilities.
    According to the DOJ's Charney, the number of cases involving encrypted
    data climbed from three percent in 1996 to seven percent in 1997. If that
    trend continues, he said, the only tactic left for law enforcement is to
    increase its surveillance capabilities. 
    "If privacy advocates get their way on encryption," said Charney, "they
    may not be happy." 
    With no way to read into encrypted electronic documents, he added, the FBI
    and others will have to rely on capturing the evidence at the source. "And
    that could really decrease privacy." 
    Even so, there are other ways around encryption. In 1996, when an ISP
    reported that its system had been cracked, all FBI leads ran into brick
    walls. Luckily, the cracker, Carlos Salgado Jr. -- who had stolen over
    100,000 credit card numbers worth more than an estimated $160 million --
    found a potential buyer who suspected his credit card was one of the ones
    on the block to be sold. The "buyer" contacted the FBI and became a
    cooperative witness in the case. 
    Despite Salgado's extensive use of encryption -- both his e-mails and the
    actual credit-card data were encrypted -- the FBI had no problems
    collecting evidence, because their witness received all the codes from
    Luck, or a trend? It's too early to tell, but Gardner, for one, seems
    positive on the FBI's ability to prosecute. "If we know about it," she
    said, "we can usually prosecute it." 
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: New Dimensions International [www.newdimensions.net]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:00:39 PDT