Forwarded From: Julian Assange <proffat_private> SMH Saturday, October 24, 1998 The force - that's the police force - may be with you right now. Kirsty Needham reports. Two Federal agents burst into a room. The thief jumps, more alarmed by the sight of the computer carried by one of the agents than the gun pointed at him. He's been found with his hands on the keys, so to speak, but just as incriminating will be the digital evidence uncovered as the Feds launch powerful software to search the nooks and crannies of his hard-drive. A court order had allowed the police to implant a signal device on the thief's computer and for days it has been transmitting raw data to an outside receiver. There, officers have printed out the thief's trail of electronic break-ins as plain text on paper, ready to be handed to a court. They know his password, and a government agency has granted them access to the "key" to the military-strength encryption the thief uses to disguise instructions, sent via the Internet, from an accomplice on the other side of the world. Welcome to the mean streets, of the future where cyber cops enforce law in a networked world of electronic commerce, smart cards and telecommuting. At the first international computer crime conference held in New York last March, the director of the FBI, Louis Freeh, spoke of how agents graduating from the bureau's college in Virginia were now equipped with a badge, a gun and a laptop. He declared the computer an "excellent symbol" of the changing environment faced by agents. "It is also imperative for the way they must conduct investigations. When they serve law enforcement search warrants, they seize hard drives and disks instead of boxes and boxes of records," Freeh said. In Australia, the first accredited computer crime course for police officers is expected to be offered through universities next year. Des Berwick, the executive officer of the National Police Research Unit (NPRU), says specialist computer crime units are being "swamped" with work from around the country. It's time for general police to grapple with more modern crime-fighting techniques, he says. Computer literacy will become a prerequisite for entry to police academies, and investigators coming out the other end will have the know-how to search a computer and its peripherals for evidence under a training scheme being finalised by the NPRU. Officers wanting more sophisticated computer sleuthing skills will be trained to deal with the networks typically found in the workplace, while computer forensic specialists will learn to "exploit" an operating system to identify hidden files and deleted data. Detective Senior Sergeant David Caldwell, who heads the Victorian police force's 10-man computer crime squad, says crime has "come of age" in Australia. "It's a frequent, everyday occurrence for people around the country. Credit cards are being used, people are receiving threatening e-mail or having their businesses hacked," he says. Jail sentences have been handed out to three Australian hackers this year. A Melbourne programmer working for Telstra was sentenced to 2 1/2 years' jail for manipulating a billing and invoice system to avoid paying for thousands of dollars worth of mobile phones that were then on-sold. The notorious hacker Skeeve Stevens was given a three-year sentence for breaking into an Internet service provider and disclosing the credit card details of its customers. Another hacker faces court in Victoria this month for breaking into more than 100 corporate Web sites. Chris Buttner, who leads the Australian Federal Police's Sydney computer crime unit, says a Sydney schoolteacher who built a device to break into public pay phones, duped "ordinary US citizens" into telling him their telephone calling card numbers, then circulated them on the Net, was sentenced to two years and nine months periodic detention in May. This followed an appeal by the Crown that the original sentence of community service was too light for a "phone phreaker". "He is a very good example of what we have always said - that in computer crime, the only limit is the imagination of the offender," says Buttner. In the frontline, and facing "completely new types of crime", Buttner has seen how technology opens far greater options to attack a victim than simply burning down a building or robbing a business. "If you are on the Internet, I might be able to hack in to get access to your client database or your accounts payable. This sort of information might be sufficient for me to put you out of business by my setting up in competition with you ... I can take that information out and you've still got it. You may not be aware that it has gone." In Victoria, Caldwell has detectives specialising in Windows NT, Linux, Unix and Windows 98 operating systems. The officers split their time between computer crime investigations and carrying out forensic work (retrieving clues from PCs) for other squads. He says targets are often surprised at the amount of evidence that is gathered: "They feel remote from the place of the crime. They are not holding a gun or a credit card." A steady stream of visitors from police forces in Hong Kong, Japan, Ireland, the Netherlands and England comes through their doors to see how it's done; this is a new and evolving field, complicated by the reality that digital evidence is "volatile and susceptible to change". Buttner, who was sent by the AFP to Canada to train in computer forensics, says his team has been called on to search computers for the Australian Customs Service to find e-mail that confirms the importation of prohibited substances, recover digital images in child pornography investigations and retrieve information from satellite navigation systems on drug smugglers' boats. Demand for these skills has grown to such an extent that the Sydney unit no longer runs its own investigations into high-tech crime. Not only are computers being increasingly found at crime scenes, but the size of hard drives to be searched has grown dramatically. "You are now getting to the point where you are looking for the needle in the haystack," says Buttner. To search smarter, Australian officers have developed strong content analysis software and disk imaging systems, some of which are being looked at by European police forces. "We have designed our own equipment which basically acts as vacuum cleaners," says Ken Day, 35, a former AFP officer who is recognised as Australia's first cyber cop. He says these suckers are capable of duplicating up to 70 gigabytes of data in one afternoon. The AFP investigated its first major computer crime case in 1988. Operation Dabble resulted in a group of teen hackers being revealed as the culprits behind a series of "look-see" hacks on US military and research institutions. Their tale was immortalised in Suelette Dreyfus's 1997 book Underground (Reed Books). "It was a very weird situation," says Day. "In 1988 we had a referral from the US Secret Service relating to an attack on a computer system. The allegation did not relate to hacking, but that was the end result. It started as a fraud investigation, but our inquiries led us to an IT-based crime. And there was no law to deal with it." At the time, Day worked in counterfeiting. "Management was prompted to call upon me because I had my own computer at work," he says. Day founded a dedicated computer crime unit for the AFP in 1990, after the Crimes Act was amended in 1989 to impose a maximum 10-year penalty for the destruction or alteration of data on a computer. In the early days, AFP computer crime teams faced university students flexing their programming prowess on the academic network AARNet and young hackers "driven by ego". "There is now a very high dependence on IT systems by society at every level. There is more networking and interconnection now, and there are more IT professionals," Day says. Basically, there are more opportunities for computer fraud, and more people in the community with the skills to commit it. "The scope is far more extensive than other crimes, as is the potential vulnerability. In one case, a group of Australian hackers broke into another country [through the Net] and wreaked $2 million damage ... How could you do that without using computers?" But with computer forensics working to support drug busts, and pedophile cases becoming all-consuming, even Day's former unit has found itself forced to spend less time investigating this year than in its heyday. Day and two other officers quit the force and this month joined the consulting firm Arthur Andersen, which plans to use their skills internationally. Most computer crime goes unreported by companies because they are embarrassed at security breaches, says Day. He can see the need for private cyber sleuths. Yet Day, arguably Australia's most experienced computer crime fighter, also expresses frustration that we may be falling behind in the battle against high-tech crime. "The United States and Europe are taking it far more seriously if you gauge it by the amount of resources being put in to tackle computer crime," he says. In February, a US presidential decree saw the FBI set up a National Infrastructure Protection Centre as a front-line defence against hacking. It will also advise on cyber crime policy. "Electronic offending is the growth area of the future," says Dr Russell Smith, a research analyst with the Australian Institute of Criminology and the author of Crime in a Digital Age. The motivation for stealing remains constant - mostly greed or circumstances, such as the need to support a drug habit, he says. But while violent assault may gain more publicity, sophisticated fraud has a more devastating effect on the victim. And the computer is providing "more efficient" ways to do it, he says. Smith hopes the National Police Research Unit's training program will be "one step in a long process of raising the profile of this type of crime". Australian police forces "have got a difficult task in terms of resources", he says. "It is extremely time-consuming and difficult to prosecute these cases. People are often in a different jurisdiction in Australia, or overseas." Australian laws are gradually adapting to computer crime. In 1995 the Commonwealth and NSW governments amended legislation about the laws of evidence to accept computer evidence. This is expected to be used as a model throughout Australia, says Smith. The NSW Law Reform Commission has also recommended the Listening Devices Act be updated to accommodate new-style "signal devices" used by police to tap data streams from computers to a remote location. Yet to come is the Australian Government's policy on encryption, an issue being debated by governments around the world and set to have the biggest impact on policing in a digital age. A report to the Commonwealth Law Enforcement Board in November 1996 warned from page 5 that widespread use of encryption software would severely limit the use of even simple phone taps. It predicted e-mail would replace telephone communication, making the practice of tapping a single phone through a local telephone exchange obsolete. Because e-mail messages are routed around a complex network of computers, multiple interception points would be needed, for example, at banks, ISPs and gateway exchanges. And if police were unable to gain access to publicly held "keys" to all encryption software available in Australia, they would have to resort to trying sophisticated "neural networks" (software that aims to imitate the human brain) and "smart agents" to at least pick up patterns about when and where e-mail was being sent, even if they couldn't read it. Trying to crack the code was deemed to be time-consuming and impractical. Alternatively, they could tap the source computer. Day says it is a serious problem, but it is up to the community to decide the shape of any encryption legislation. There are two main issues at stake, he says: "Everyone's right to privacy, and law enforcement's ability to access information to investigate people alleged to have committed a crime." The Federal Government this year said it endorsed a set of cryptographic guidelines that had been determined by the OECD. These promote the use of cryptography and say governments should consider its potential to jeopardise law enforcement, but the OECD does not come down one way or another on whether governments should allow "lawful access" to keys. "The issues with respect to law enforcement and national security interests are being taken into account," says a spokesman from the Attorney-General's office. The FBI has strongly lobbied that the use of encryption by criminals and terrorists poses a "serious threat", and says its Laboratories Computer Analysis and Response Team has seen in the past two years a rise to 7 per cent from 2 per cent in the number of cases involving encryption. The FBI warns that encrypted data found on a computer in Manila belonging to the terrorist Ramzi Yousef, who plotted to blow up 11 US airlines, had still not been cracked. Criminal haunts on Sydney's streets The walls of the NSW Police's City Central intelligence unit are covered with printouts. Ten years ago, there would have been a styrofoam board with coloured pins to indicate bag snatches and violent assaults on our city streets. Chances were, by the time police officers had finished sticking in the pins, the data would have been out of date. And the only way to record the data would have been to photograph the board. Enter GIS mapping, software regarded by police as crucial to the success of Operation City Safe, a zero-tolerance-style crackdown on crime that began in May. In the first use of crime-density mapping of the city, Sydney's CBD was sliced into grids. Intelligence officers downloaded information from the COPS mainframe, cross-referenced exact locations to determine where crimes were taking place, then pulled it all into a program called Map Info. The software produced a map showing 16 hot spots for violent crime, assault, robbery and bag snatches for April (mostly public places such as streets or parks). A month later, the software showed the hot spots had been reduced to six. Computer analysis of the times and days when crimes were most prevalent has allowed police to be deployed to have a deterrent effect. "Being there before it happens" is how Tony Maber, commander of the NSW Police Mapping Unit, describes it."We are using technology to try to achieve the biggest bang for the buck." A mass training program will begin next week to push the use of Map Info across every police station in NSW. Going soft on crime The trial of a Queensland youth for the murder of a 22-year-old Japanese backpacker, Michiko Okuyama, whose body was found in September last year in an abandoned warehouse in Cairns, saw the first use of virtual reality in an Australian Supreme Court. Sergeant Adrian Freeman, of the Queensland police, took a dozen photographs of the crime scene with a digital camera. He then created a walk-through, virtual-reality reconstruction, with software developed by Freeman and Sergeant Troy O'Malley. The software has attracted international attention. "It was a complicated case in relation to the layout of the warehouse where the girl was murdered. VR was used to show the jury the layout, and also in reference to a number of incidents that occurred in the warehouse during that time," says Freeman. The court heard how Okuyama was bashed in a sound-proof steel vault within the warehouse. Freeman presented his evidence over two days. He then left the prosecution lawyers with a laptop loaded with the software and a digital projector. After a 20-minute training session, the prosecution team felt adept at using it. Presiding over the trial was Justice Stan Jones, who describes the application of VR technology as "excellent". "Crimes are committed in environments that can change quite dramatically in the time it takes to get a case to trial," he says. "The advantage [of this technology] is that you have a crime scene presented in a way in which you can take the witnesses through it, and move around. "I came through this door and saw this' is a great deal better than having a jury try to remember photographs." (The defendant was found guilty last month and will be sentenced next month.) In November, the Interactive Crime Scene Recording System is expected to be rolled out across the Queensland police service. This requires an investment in laptop and desktop computers, and training for photographic and development staff. Freeman says issues to be resolved as police forces take up this type of technology include maintaining the integrity of images, which can easily be manipulated because they are digital. Freeman recently spent a month visiting the FBI and police departments in Los Angeles, Montreal and London. So, what does the digital future hold for justice? "Depending on the development of technology and its acceptance by the courts, we are looking towards an electronic courtroom where all evidence is recorded on CD. It stops the paperwork, makes indexing easier, and is happening in the US now." -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: Hacker News Network [www.hackernews.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:23:19 PDT