Posts Tagged ‘HTCIA’

Todd on CyberCrime 101: Episode 7

Friday, February 5th, 2010

Last month while Todd was training in New York City, he had a chance to meet Joe Garcia, a computer crimes detective we connected with on Twitter. Joe has a podcast, CyberCrime 101, about all things computer forensics and information security. After reviewing the WebCase demo, he kindly invited Todd on the show to talk.

Their focus: Todd’s background, WebCase, and being president of the International High Tech Crimes Investigators’ Association (HTCIA). Joe voiced his approval for our tutorial screencasts, as well as our webinars and 2-day training; Todd told us that WebCase now offers 64-bit support, and will soon be released in a new version that has more features.

Thanks for having Todd on the show, Joe!

Christa M. Miller is Vere Software’s marketing/public relations consultant. She specializes in law enforcement and public safety and can be reached at christa at christammiller dot com.

Identity theft online: Some background

Monday, December 7th, 2009

Identity theft is one of Detective Kipp Loving’s investigative specialties. Having worked hundreds of ID theft cases in the last decade, Loving has seen the crime evolve along with, and as an integral part of, the Internet. His webinar is based on the 8-hour block he teaches during the 40-hour California Peace Officer Standards & Training course on financial crimes.

Trends in online identity theft

The Internet’s reach often means multiple jurisdictions and sometimes hundreds of victims. In fact, it’s part of at least one of every level of an ID theft case, ranging from how criminals obtain identities to how they use them.

“Information compromise is just one component,” Loving says. “An ID thief doesn’t have to phish; he could as easily go dumpster diving for information, then go online to use it.”

Phishing is now a tool mainly of high-end rings associated with international gangs like the Russian Mafia, or Southeast Asian groups, who hire hackers to compromise databases. Cases involving them are usually federal, and much more sophisticated than most local ID thieves.

More likely for the average investigator to see:

  • “Crankster” (methamphetamine addict) dumpster divers.
  • An employee in a local company, abusing privileged access to private information in the employer’s databases.
  • Family-on-family ID theft.

The last trend has been particularly accelerated. ID theft is still prevalent in elder abuse cases. But in a troubling turn, more parents are stealing their children’s identities.

“The parents don’t get reported until the kids are of age and try to buy a first car or get an apartment,” says Loving. “And they can’t get out from under the liability unless they are willing to prosecute Mom and Dad.”

Case management + presentation

“Most people don’t associate case management with case presentation,” says Loving, “but prosecutors consider ID theft cases to be only a step above real estate fraud cases. When you’re dropping what may be a four-inch-thick case file on their desk, how you managed the case will be critical to how you present it, and therefore how it is received.”

A well-managed case contains several elements. “First, identify the cream that floats to the top,” says Loving. “You can’t manage 300 victims, so find out from the prosecutor how many is enough.” Sometimes the case will “go federal,” so local law enforcement and prosecutors need only do so much.

Second, a detailed timeline is critical to success. “A prosecutor will not read every page of your case, so a start-to-finish timeline on each charge helps them,” Loving says. “You include every incident, the elements of the crimes, dates, and amounts.”

Most important of all, however, is not to simply forward the case to the prosecutor once it is wrapped up. “You have to make an effort to form a relationship, talk to the prosecutor throughout the case,” says Loving, who once worked as a criminal investigator in a DA’s office. “They’ll tell you what they like and don’t like about the investigation.”

That relationship is not about micromanaging—it’s about “selling” the case. “You have to get to the point where you don’t need to sell it; they’re already sold by the time you close the case,” Loving says. “In fact, they’re so sold that they ask when they can have it.”

The need for information sharing

Identity theft investigations can be time-consuming and frustrating because it can span multiple victims and jurisdictions—which, at a time when law enforcement budgets are tight, makes them harder to work.

“You can’t always work with victims face to face, and there are usually many more victims than you know about,” says Loving. “The ones you work with are simply those who noticed and talked enough to assist your investigation.”

The most important thing at that point is for investigators to be involved with groups like the International High-Tech Crimes Investigators’ Association (HTCIA). Loving also runs his own 800+ member listserv, a restricted-access Yahoo! Group where detectives from across the nation can get search warrant language, company contact information, and connect with each other on their cases.

“Cops aren’t always good at information sharing,” he says, “but we need to get better as more of these crimes go into other jurisdictions.”

Register for the webinar on Thursday, April 28 — and during the webinar, find out how you can get 10% off the price of WebCase, plus free shipping!

Christa M. Miller is Vere Software’s marketing/public relations consultant. She specializes in law enforcement and public safety and can be reached at christa at christammiller dot com.

The European Union Implements a Cybercrime strategy

Monday, February 23rd, 2009

Although this is from December it is of interest in the U.S. considering our current changes in administration. It was widely reported and most recently as last week from the Greek Forensic Community blog, that, the Council of ministers of the European Union adopted, a “strategy to reinforce the fight against cyber crime.” It is interesting that the country that developed the technology to connect the world is being outpaced in its ability to respond to the crime committed through its growing adolescent by others around the world. They wrote that the strategy should include ” the means of combating the traditional forms of crime committed via the Internet, such as identity fraud, identity theft, fraudulent sales, financial offences, illicit trading on the Internet, particularly narcotics and arms dealing.”

Current U.S. policy tends to deal with only the protection of the infrastructure and not the entire problem surrounding Cybercrime and its deleterious effects on the state of the Internet and our economy. Education about the problem and enforcement actions against the offenders works and should be supported and implemented nationwide.

What are extremely interesting in the EU proposal are the measures that would include “Cyber Patrols”, “Joint investigative Teams” and “Remote Searches”. All of these are a step in the right direction. The EU is also funding Europol to set up a crime reporting system to track Internet crimes that can be accessed by the EU members. This too will aid in the response if law enforcement understands the effective of the crime and can respond accordingly.

The EU’s strategy marks a leap in the acknowledgment of the magnitude of the Cybercrime problem at least in the European Union. In addition their strategy suggests closer cooperation and information exchange between law enforcement authorities and the private sector. This has been a stalwart strategy by many in the U.S. especially those belonging to organizations like the High Technology Crime Investigation Association.

As we have commented before the U.S. now needs to consider the same type of strategy. Cybercrime continues to grow and law enforcement’s skills to investigate it, and the national strategy to deal with it, need to be as sophisticated as the crimes committed.

The new “Cyber Czar” in the U.S. should consider the EU’s strategy early and adopt similar policy for U.S. law enforcement.