As criminals become more adept at using technology to engage in illegal activities, government agencies and private-sector companies must counter that with information on the latest computer-crime trends and high-tech know-how, resulting in minimized or no losses. For both groups, education and training are the keys to keeping ahead of the cybercriminal.
To help train organizations in the latest computer forensic technologies Michael Anderson and his company, New Technologies, assembled a computer forensic "Dream Team" in 1996, employing many of the industry's top computer and security experts and boasting an impressive client list that includes all of the Big 6 accounting firms, most military agencies, and numerous law-enforcement agencies and Fortune 500 corporations. New Technologies provides its clients with the training and expertise needed to assess computer security risks, and gather and use computer evidence. The staff is also involved in many research projects and the development of new automated forensic tools.
According to Anderson, a pioneer in computer forensics, his group has recently learned of technology that can covertly extract computer secrets over the Internet. Once the spy program is launched on a targeted computer, information from the computer's hard drive is secretly routed to a designated e-mail account. The stealth program is controlled from a remote location and has the ability to collect data and overwrite specific files or even the entire hard drive.
New Technologies is working on ways to develop this technology for use by law enforcement and intelligence agencies, and is in the process of developing tools that can identify and defend against this difficult-to-detect and potentially dangerous technology. The group is also working on improved data discovery and information hiding tools and ways to quickly match a floppy disk with the exact computer that wrote the data to it.
While there are many important changes happening in the field, the following trends in computer crime present law enforcement and corporate-security organizations with a number of unique challenges and opportunities.
Trend No. 1: Destroying Computer Evidence
When an employee is misusing business funds or is engaging in some other type of criminal activity, he will often attempt to cover his tracks by deleting incriminating computer files and directories. However, it is important for investigators to know that fragments of the deleted information can still be found on the computer's hard drive. A properly trained computer forensic expert will be able to recover valuable evidence from the "electronic crime scene." Using the proper tools and procedures, computers can be a gold mine of evidence for law enforcement and corporate-security officers.
Surprisingly, many investigators have no idea of the wide array of information that may be found at the "electronic crime scene" and even less knowledge about how to safely gather computer evidence. Without the proper training, a computer's evidence could be rendered worthless, or -- much worse -- an agency that damages computer equipment during an investigation could find itself on the receiving end of a lawsuit.
Trend No. 2: Stealing Trade Secrets
While future industrial spies may use the Internet and stealth programs to steal a competitor's trade secrets, most of today's industrial secrets leave right through the front door. Current computer technology makes it easy for a disgruntled employee or a corporate mole to walk away with hundreds of pages of research on a floppy disk or thousands of documents on a laptop's hard drive. Writeable CD and DVD devices make it even easier to commandeer large amounts of sensitive corporate data without detection.
Anderson's clients tell him that, in some cases, bounties have been placed on laptops from certain corporate R&D departments. To industrial spies, there is no need to break into a competitor's research lab when the data they want resides on the laptops carried by many scientists and engineers.
Trend No. 3: Holding Data Hostage
Sensitive data may not only be stolen but also taken hostage. A disgruntled employee or outside hacker may attempt to capture and then ransom key computer data. The widespread availability of industrial-strength encryption could allow someone to encrypt important files or records and then attempt to sell the password for millions. Data is the life blood of most corporations, and timely access to information is critical. In many cases, the loss of important data could bring a company to its knees.
Trend No. 4: Counterfeiting
Today's high-quality color copying and desktop-publishing equipment make counterfeiting easier than ever. Normally, when we think of counterfeiting, we think of phony currency. However, a growing number of criminals are using low-cost -- yet high-quality -- equipment to produce counterfeit copies of everything from lottery tickets to payroll checks. In some cases, criminals are using duplicating equipment to copy gift certificates from restaurants or department stores.
While stores may lose $10 or $20 on a bogus gift certificate, a more serious threat is the forging of payroll checks. A criminal possessing a corporation's check can easily purchase the same stock of paper and create countless forgeries. In one recent case, a forger produced thousands of dollars worth of bogus payroll checks and then visited Las Vegas, where a number of the worthless checks were cashed in the casinos with the help of forged identification.
No Security
"The PC was a fluke. No one anticipated that the personal computer would become so popular or that businesses would ever use them to conduct financial transactions," said Anderson, who has worked with computer security for 18 years. "It was never intended for commercial use and was not designed to be secure." In addition, Anderson noted that a growing number of personal computers are being connected to the Internet, which, he points out, is another technology not originally designed for secure financial transactions.
The widespread acceptance of both of these technologies has created headaches for law enforcement and corporate-security officers and exposed many weaknesses that can be exploited by computer-savvy criminals. Training and education are the only ways to keep ahead of these criminals.
James Wolf is an assistant professor of computer information systems at Cedarville College (Cedarville, Ohio) and has a master's degree in management information systems from George Washington University. In his spare time, he writes about technology, teaches at University of Phoenix Online, and spends a lot of time on the Internet..
July Table of Contents
