[ISN] Computer forensics specialists in demand as hacking grows

From: InfoSec News (isnat_private)
Date: Sun Sep 08 2002 - 23:16:30 PDT

  • Next message: InfoSec News: "[ISN] White House cybersecurity chief defines cyberthreat"

    By Suzanne Monson
    Special to The Seattle Times
    September 08, 2002 
    Dick Tracy had it easy. 
    Today's real-life crime-fighters battle villains more sophisticated
    than those the comic-book character ever faced  and these modern-day
    crooks often set their sights on threatening business, government and
    national security using computers.
    That's why it takes more than a simple high-tech wristwatch to beat
    computer crime. It takes cybersleuths  experts trained in Information
    Systems (IS) security, or computer-program protection, and the more
    advanced skills of computer forensics.
    "There simply are not enough people to do this work," says Scott
    Pancoast, a Seattle-based certified forensic computer examiner with
    the Washington state Attorney General's Office.
    One of just 180 forensics investigators certified worldwide by the
    International Association of Computer Investigative Specialists,
    Pancoast is among the 15 to 20 computer forensics examiners who work
    in this state.
    These "digital detectives" collect, preserve and analyze computer
    evidence according to careful style so that it can be criminally
    Not only is demand for computer forensics investigators hot, but
    several labor forecasts predict a shortfall of nearly 50,000 within
    the IS security profession, too.
    In police parlance, if computer forensics investigators are
    detectives, then IS security experts are the patrol cops who protect
    computers and network systems from high-tech safecrackers and vandals.  
    Businesses, government and law-enforcement agencies all are
    "scrambling" for such workers, says Lake Washington Technical College
    dean Mike Potter.
    That's why, Potter says, the Kirkland school is adding a two-year
    computer forensics degree program to its existing three-quarter
    computer/network security certificate program this fall; Eastside
    police chiefs and local business leaders stressed the need.
    No wonder. Cases of computer hacking and network viruses have
    skyrocketed in the past 14 years. The number of computer/network
    security incidents reported to the Carnegie Mellon Software
    Engineering Institute has exploded from six in 1988 to more than
    52,658 last year.
    And increasingly, other cases involve the perpetrators using their
    personal computers or the Internet to commit such crimes as
    embezzlement, drug dealing and child pornography. That's the typical
    workload facing computer forensics specialists such as Pancoast.
    "When I tell people what I do, they often say, 'God, that must be
    fun,' " says Pancoast. "I try to dispel that myth as much as possible.  
    When you boil down the stories that we've seen, there are some great
    ones. But often it's long hours with tedious and sometimes boring
    Pancoast recently was combing through "tidbits" on a computer hard
    drive with more than 40 billion bytes. His job was to narrow the
    search down to 2,000 bytes that might be important in building a
    criminal case.
    "It's like searching for a needle in a haystack," he says.
    His meticulous work has been integral to prosecuting various cases
    throughout the state, including the high-profile mail-order bride
    murder case in Snohomish County earlier this year. With so few
    computer forensic specialists in the state, counties and other
    law-enforcement agencies around Washington often turn to him.
    Computer forensics investigation, Pancoast says, is for people who
    "gotta like law enforcement, are very curious and want to follow leads
    when things just don't look right."
    However, he warns, it's also a job that requires "mental toughness" to
    deal with the darker, sometimes intensely graphic side of crime.  
    Performing "exacting, detailed work" can mean the difference between a
    conviction and a case being thrown out of court. Typically, computer
    forensics specialists start out in law-enforcement and expand their
    skills into cyber-sleuthing, says Lake Washington Technical College
    computer forensics instructor Marvin Everest, who has about 30
    students enrolled in his course. However, civilians with computer
    forensic training may become qualified to work for law-enforcement and
    government agencies, he believes.
    Many of these high-tech civilians start out with slightly different
    skills  IS security training that is more often employed in
    businesses, protecting internal computer systems and external
    Employers who are tired of "getting beat up by viruses and much more
    sophisticated hackers," Potter says, are hiring security professionals
    to protect them from bugs such as "Code Red" to the "I Love You"  
    Network-security specialists must be able to think like hackers,
    Potter says. In one class, students practice "intrusion detection" by
    playing "good guy, bad guy," he adds. "One half of the class is trying
    to break into the network, while the other half is using prevention
    Several other local schools  including Bellevue Community College,
    the University of Washington's Extension Continuing Education program
    and ITT Technical Institute  offer training in IS security.
    With advanced skills, security professionals are among the technology
    industry's highest-paid workers, according to a recent survey by the
    System Administration Networking and Security Institute.
    Security consultants tended to earn the highest average at $79,395,
    followed by security auditors at $71,404, security administrators at
    $63,598, system administrators at $61,440 and at $58,399 a year,
    network administrators.
    FACTS For more information about the growing field of computer
    ITT Technical Institute: www.itt-tech.edu or 206-244-3300.
    Lake Washington Technical College: www.lwtc.ctc.edu or 425-739-8100.
    University of Washington Educational Outreach:  
    www.outreach.washington.edu/ or 206-543-2320.
    Certified Information Systems Security Professional: www.isc2.org or
    Computer Technology Investigators Northwest: www.ctin.org.
    High Technology Crime Investigation Association: www.htcia.org or
    International Association of Computer Investigative Specialists:  
    www.cops.org or 877-890-6130.
    System Administration Networking and Security (SANS) Institute:  
    www.sans.org or 866-570-9927.
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Mon Sep 09 2002 - 01:33:59 PDT