Forwarded From: rio <rio@dimensional.com>
Cops see little hope in controlling computer crime
By Rob Lemos,
ZDNN
August 6, 1998 10:16 AM PT
CHICAGO -- Despite making headway combating high-tech criminals, law
enforcement officials say they remain worried about their ability to
investigate and prosecute cyber crimes. Encryption, anonymity, and the
jurisdictional problems posed by a global Internet are quickly turning
from small headaches to full-blown migraines for local, state, and federal
police forces.
"It's hard to predict where we will be in 10 years," said Scott Charney,
chief of the computer crime and intellectual property section of the U.S.
Department of Justice. "But there are going to be all sorts of birthing
pains." Charney gathered here with other computer-savvy law enforcement
officials to attend an international symposium on criminal justice issues
at the University of Illinois at Chicago. The symposium focused on
high-tech crime, cyber-terrorism, and information warfare.
Invisible criminals Law enforcement officers say one of their biggest
challenges paradoxically remains knowing when a crime is committed.
According to the General Accounting Office, there were 250,000 attempted
break-ins at the Department of Defense in 1995. NASA estimates that
crackers -- hacker criminals -- broke in to over 120,000 of its systems in
1996. Yet, few of those incidents are detected, much less reported. When
DOD hackers broke into their own servers in 1996 and 1997, they attacked
38,000 machines. Only four percent of the incidents were detected. Out of
that number, only 27 percent of detected break-ins were reported.
"We will get better," said Doris Gardner, an investigator with the
National Infrastructure Protection Center, a new federal agency
established to fight computer crime. "We need to educate -- to work better
with each other."
Pandora's box
Yet, even as law enforcement is educating itself on the challenges ahead,
experts here said cyber-criminals continue to refine their abilities.
According to the DOJ's Charney, the number of cases involving encrypted
data climbed from three percent in 1996 to seven percent in 1997. If that
trend continues, he said, the only tactic left for law enforcement is to
increase its surveillance capabilities.
"If privacy advocates get their way on encryption," said Charney, "they
may not be happy."
With no way to read into encrypted electronic documents, he added, the FBI
and others will have to rely on capturing the evidence at the source. "And
that could really decrease privacy."
Even so, there are other ways around encryption. In 1996, when an ISP
reported that its system had been cracked, all FBI leads ran into brick
walls. Luckily, the cracker, Carlos Salgado Jr. -- who had stolen over
100,000 credit card numbers worth more than an estimated $160 million --
found a potential buyer who suspected his credit card was one of the ones
on the block to be sold. The "buyer" contacted the FBI and became a
cooperative witness in the case.
Despite Salgado's extensive use of encryption -- both his e-mails and the
actual credit-card data were encrypted -- the FBI had no problems
collecting evidence, because their witness received all the codes from
Salgado.
Luck, or a trend? It's too early to tell, but Gardner, for one, seems
positive on the FBI's ability to prosecute. "If we know about it," she
said, "we can usually prosecute it."
-o-
Subscribe: mail majordomo@sekurity.org with "subscribe isn".
Today's ISN Sponsor: New Dimensions International [www.newdimensions.net]
Received on Fri Aug 7 12:40:11 1998