Forwarded from: William Knowles <wk@private> http://www.centredaily.com/mld/centredaily/news/6839620.htm BY GINA BARTON Milwaukee Journal Sentinel Sept. 23, 2003 MILWAUKEE, Wis. - (KRT) - Barry J. Fibiger of Sheboygan, Wis., came face to face with police on the waterfront in Virginia Beach, Va. According to a court document quoting law enforcement officials, Fibiger was "soft-spoken, cooperative and polite" when they confronted him beside the ocean in October 2002. He was "very calm and spoke very softly" and didn't struggle when they took him into custody. Fibiger, 35, told police he'd come to Virginia to kill himself. In a suicide note left behind in Wisconsin, Fibiger had willed his computer to his father. He'd used the Dell 8200 in ways that had gotten him indicted on federal charges of wire fraud, mail fraud and counterfeiting. The charges against Fibiger were the result of a recent national crackdown on Internet fraud known as "Operation E-Con," initiated by Attorney General John Ashcroft. Over the past three years, consumer fraud cases involving the Internet have increased steadily, according to the Federal Trade Commission. In 2002, nearly half of the 218,000 fraud complaints received by the FTC were Internet-related. In Wisconsin, four FBI agents in Milwaukee and six others throughout the state make up a cybercrime squad whose sole purpose is battling online bad guys. They recently received a grant from the national FBI headquarters to form a cyber task force here, which will consist of members from federal, state and local law enforcement agencies. The task force will allow computer criminals to be investigated and prosecuted more efficiently and is expected to be up and running by the end of the year, said FBI Special Agent Matt Petersen. "This thing is growing by leaps and bounds. We're constantly recruiting people with computer skills," said FBI Special Agent Michael Johnson, who is in charge of the specialized squad. Fibiger has pleaded guilty to four federal felonies and is scheduled to be sentenced next month. He faces a maximum possible penalty of 20 years in prison and fines of $1 million. Federal officials first zeroed in on Fibiger due to a referral from the Internet Fraud Complaint Center, a national Department of Justice clearinghouse that tracks complaints and refers them to the appropriate authorities. Prosecutors say he set up several online stores. There, he advertised Palm Pilots, hand-held computers and other electronic equipment. Consumers placed orders and sent payment through the online services PayPal and PayByCheck, but they never received the merchandise, according to court documents. --- Cases such as Fibiger's are just the tip of the iceberg, Johnson said. "There's now crime over the Internet that didn't exist 10 years ago," he said. One of the most common types is computer intrusion. Some people guilty of this offense have legitimate reasons to be working within a system but overstep their bounds. Some - such as Chad Davis - aren't entitled to access but create it for themselves, anyway. Davis, a follower of convicted computer felon Joseph Konopka, dubbed "Dr. Chaos," hacked into the U.S. Army's computer system, Petersen said. There, he defaced the Web site to let people know it had been cracked by "Mindfazer," his nickname. He also went to other servers to look at personnel and other records, Petersen said. The investigation into Davis' crimes began with log files, computer records of who comes into the system and when. Most hackers know how to hide their presence by modifying these files. But the Army had a second set in place, which was operated by a different server. Davis didn't know about the backup log files, so he didn't erase himself from them, Petersen said. The log files led authorities back to a Green Bay, Wis., Internet service provider. Davis, who lived in the area, became a suspect because he already was under investigation for prior computer crimes, Petersen said. His name wasn't attached to an account at the Green Bay company, so authorities placed him under surveillance. They spotted him "Dumpster diving" in the alley behind the business and later learned he had retrieved e-mail addresses, passwords and other client information from the trash. A review of phone records revealed Davis' telephone number attached to the account of a bowling alley called Mr. Ten Pin. He had accessed the Internet at the exact same time the Army Web site had been compromised, Petersen said. FBI agents served a search warrant, then arrested Davis, now 23. He confessed a few days later, Petersen said. He later pleaded guilty to one count of computer fraud and was sentenced to six months in prison and three years of supervised release. Davis' main motivations were mischief and bragging rights, Petersen said. But other computer criminals have more nefarious motives. Some seek out personal identification, then use it to get credit cards in the names of unwitting consumers. Some make their way into computer-based corporate telephone systems and make thousands of dollars in long-distance calls. Some trade in child pornography. "We get a lot of complaints from ex-girlfriends," Johnson said. "Or we seize the computer for some other reason and find this stuff." Petersen, who analyzes the hard drives of every computer seized in a Milwaukee FBI case, said he spends 40 percent to 60 percent of his time on child pornography investigations. The state Division of Criminal Investigation also focuses substantial energy on them, Johnson said. Computer crimes of every type pose numerous challenges for law enforcement, Petersen said. Some businesses turn off log files, not knowing they can be among an investigator's best resources. Those that are activated re-write themselves every 30 days to save space on the hard drive, so authorities always are working against the clock. Some people take over numerous systems before they cause trouble, and it's hard to trace where the hacker began. Cybercrime investigations also tend to be solitary pursuits, leaving an agent alone with a hard drive, a list of phone records or a file of computer code. The cybercrime problem isn't going away anytime soon. "The trend is that it's increasing. It's gaining in notoriety," Petersen said. --- Protection To protect yourself against computer crime: DO Change factory preset passwords Shred documents containing personal information before throwing them away Obtain copies of your credit report periodically to check for unauthorized charges DON'T Give out personal information in response to a pop-up ad Give out personal information over wireless services or cordless phones Give out bank account numbers or send money to someone you "meet" in a chat room or via e-mail *==============================================================* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen Alfred. M. Gray, USMC ---------------------------------------------------------------- C4I.org - Computer Security, & Intelligence - http://www.c4i.org ================================================================ Help C4I.org with a donation: http://www.c4i.org/contribute.html *==============================================================* - ISN is currently hosted by Attrition.org To unsubscribe email majordomo@private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Thu Sep 25 2003 - 04:41:28 PDT