Posts Tagged ‘Law enforcement’

New Book Investigating Internet Crimes Released

Saturday, February 15th, 2014
41wMbTIcmVL._SY300_

Investigating Internet Crimes

Investigating Internet Crimes:
An Introduction to Solving Crimes in Cyberspace

You can find the new book by Todd G. Shipley and Art Bowker on Amazon books and you can  also follow the authors on their blog. What’s being said about the book:

Neal Ysart, Director First August Ltd, likes Investigating Internet Crime by Shipley and Bowker

“At last….. Informed, pragmatic guidance from two highly experienced professionals who  have actually spent time on the front line, not just the classroom.  This book is relevant for  practitioners working in both law enforcement and within business – every aspiring cyber  investigator should have a copy.” Neal Ysart, Director First August Ltd, Information and  Corporate Risk Services

Social Media, Travel, Speeches and FourSquare

Thursday, April 29th, 2010

As much as I try to avoid business travel anymore, the more I seem to do.  Although travel is not bad it can get overwhelming at times and seems to just put me further behind. I did recently in my travels have the opportunity to speak, on an as of late favorite topic, and that is the use of Social Media by law enforcement. Specifically I was speaking on the lack of policy by agencies starting to use Social Media, not only as a community policing tool, but as an investigative tool.

Recently I was asked to present at the first annual SMILE conference or Social Media in Law Enforcement conference in Washington DC. This was a great gathering of various law enforcement professionals interested in Social media and its implementation within law enforcement. My specific piece was on the policy decision behind using social media as a law enforcement tool.  I spoke about the need to have policy to protect the law enforcement officer as much as the agency. I was able to speak with some great talent in the field that are adapting social media for investigative and communicative reasons.

I also had the opportunity to speak at the Massachusetts Attorney Generals Cyber crime Initiative quarterly meeting. The Mass AG sponsors a meeting quarterly on various cybercrime topics. She brings in investigators from all over the state to discuss cybercrime. I was lucky enough to speak on the investigation of social media, and of course hit the topic of policy for law enforcement.  The crowd of over 200 Massachusetts law enforcement investigators was eager to understand more about investigating social media especially as it applied to Cyber bullying cases.

During the two weeks I was gone, connecting to so many investigators in person, I wanted to be sure not to lose touch with my online contacts — not just customers and prospects who email me, but also Twitter and Facebook followers. So, as a smartphone user, I downloaded a new app and signed up for a new program called “Foursquare”. The use of FourSquare allowed me to stay connected on the road from my phone.  I could and did update my Facebook page and my twitter account from my phone with a few clicks of the keyboard.

I found this to be a simple and easy use of the media and received numerous comments back regarding my updates. Many were interested in my travels and found the topics I was speaking on of interest.

Why am I mentioning this? When I talk to groups like these, I want to be sure they understand the value of social networking in their professional lives — not just from an investigative standpoint, but also from the standpoint of being able to network and share ideas with one another. Our increasingly interconnected world makes this an absolute necessity.

Are you on Foursquare, Twitter, Facebook or LinkedIn? Please feel free to connect with me.

Podcast: Todd talks social media, online investigations

Monday, November 30th, 2009

Canada-based podcasting service provider The Daily Splice recently started its own podcast: Law Enforcement 2.0, in which marketer Mike Waraich interviews individuals who are involved with encouraging police departments to “join the conversation” online.

Social media is, of course, beginning to figure into much more than conversation: it’s playing a role in everything from online crime to police recruiting to intelligence. Because all of this information must be verifiable, police need a standard methodology to collect it.

Which is why Mike invited Todd on the show a few weeks ago. For just about half an hour, the two discussed the following:

Defining online investigation in terms of standard methodology.

Would online investigation be less “scary” if the people conducting it knew they could do it without their veracity being called into question? Standardized process counts for a lot, so being able to date/time stamp, “digitally fingerprint” (hash), and log Internet evidence in the same way other forms of evidence are authenticated can make investigators’ jobs a lot easier.

Social media as a “neighborhood.”

Most everyone under 30 (and many over 30) are, in some ways, members of this online space. Just as in a real-world neighborhood, the number of “residents” = number of potential victims. And crimes are being committed, not just on the Web, but in other areas of the Internet which are their own communities. (Think chat rooms, instant messaging and Usenet.)

Whether law enforcement can coexist with community relations.

As long as law enforcement is an active participant in the online community, it cannot be misconstrued as “Big Brother” watching. Instead, it brings community policing concepts to the Web: like a park in a bad section of town, it will stay “bad” unless law officers go there, partner with people who live there to clean it up.

Reputation management.

What people post on the Web is there forever. Some law enforcement officers need to be made cognizant of this fact. Employers look at people’s social media profiles not just to make hiring decisions, but also to ensure their employees are maintaining the standard expected of them.

Part of maintaining that standard is not to avoid parts of the neighborhood which are not well understood or liked. Investigators who do need to understand that the “conversation” goes on without them. Not to be there for it risks missing valuable intelligence and other information.

In other words, as Todd put it, “You may not want to go into a bad neighborhood because you know bad things can happen, but you still need to be there.”

Understanding the neighborhood.

Just as a good cop takes time to learn the landscape and culture of the neighborhood s/he is responsible for, a good Internet investigator takes time to understand where people are online–and where they are moving, what they are talking about, what they are doing.

With hundreds of social sites, this can be hard to figure out much less monitor. But the more investigators learn, the more they can make online investigation part of their everyday work lives, the more efficient they will become.

The conversation wrapped up, of course, with a short discussion about WebCase and where it fits in all this. Thanks again to Mike for the interest. We hope to be able to participate in future podcasts!

Christa M. Miller is Vere Software’s marketing/public relations consultant. She specializes in law enforcement and public safety and can be reached at christa at christammiller dot com.

Gangs on the Internet

Wednesday, September 16th, 2009

Everyone engaged in technology today is using some form of social media. Law enforcement is learning to deal with it and so are the criminals. Gang members have found it to be a great communication source and are regularly using social media to keep in contact. MySpace, Facebook and especially Bebo, have become popular places for gang members to hang out.  The term used to describe gang members activity online is Cyberbanging. Cyberbanging isn’t a brand new term, but it is probably not widely known outside of its gang member users.

General intelligence collection is a task that the web can offer gang investigators. Blogs, social media pages, tweets can all give the law enforcement gang investigator valuable information about the goings on in a gang and potential strife between varying factions.

Law enforcement generally identifies a criminal street gang by having 3 or more members, common symbols or leadership, and gathering together to commit crimes or a continuing criminal conduct (or enterprise). They also generally classify gang members according to one of four criteria: 1) self admission, 2) a reliable informant confirms membership, 3) an unreliable informant confirms, and a second source corroborates, and 4) via confirmed law enforcement source.

The Internet can help identify gang affiliation by finding the members’ self admissions, i.e. photos of gang activity, comments indicating gang activity and being the corroborated source of information. A member’s MySpace page can contain significant information about them and their activities.

Those investigating gang members need to look on the Internet for potential members of their local gangs. Failing to do so could potentially overlook threats or trophy shots of criminal behavior that could prevent or solve crimes. In the worst cases, they may find the evidence to support a murder as a gang related crime as in the Jamiel Shaw case in Los Angeles. By many reports Jamiel was a star athlete. The dark side of his life was his Cyberbanging as a member of the Bloods.  His MySpace page tells a very different story of his life then many people thought. There he allegedly proclaimed his gang membership and flashed gang signs.

Documenting this kind of online activity easily supports a law enforcement agency’s investigation into gang activity.

Sources of Online Information: Some Background

Wednesday, September 9th, 2009

Cynthia Navarro understands how overwhelming Internet searches for information can be. Not only does she do them in the course of her work as a private investigator, but she also regularly teaches law enforcement officers, corporate practitioners, and others about what’s available and how to find it.

Her “Sources of Online Information” webinar grew out of that experience. “The Internet is a tool that augments what you already have and enables you to get more,” she says. “I base my training on how investigators can get what they need. If they need an individual’s professional information, there’s LinkedIn or Spokeo. If they need personal information, I show them what they can and cannot get from various sites, and how that information is presented.”

She also shows how to perform “creative” searches across Web sites, not just in Google but using search utilities included in social networking sites. “Different results come up for my name, Cynthia Navarro, than for ‘Cynthia Navarro’ enclosed in quotes,” she explains. Likewise results that include a keyword combined with a name, such as the individual’s interests or profession.

Sometimes investigators must collect information from people directly, using social networking sites to get personal. Such “pretexting” is necessary because people would not otherwise give up information to someone they know is an investigator. Pieced together with data gleaned from searches, this can become an invaluable means of constructing a case.

Connecting people, connecting identities

Navarro provides numerous examples of the ways it’s possible to use Web-based information to connect people to each other, as well as to find “other lives” they lead. One man she investigated turned out to have a profile on Match.com—as a woman. “People you wouldn’t expect to be associated with certain sites turn out to have a real dark side,” Navarro explains.

They also have certain habits, “things they need to get out there about themselves,” she says. “One CHP officer used his police vehicle and uniform in one of his Match.com pictures. I used him as an example in my classes, and not long after, his profile was deleted. But when he came back later on, using a different profile with different information, he still had a photo of a police vehicle.”

Navarro recognized him because she’d talked about him so much; she now uses the example to discuss how one deleted profile doesn’t necessarily mean another isn’t available.

Keeping up with information changes

Because Web-based information changes so rapidly, Navarro teaches that two things are important:

  • Evidence capture and preservation. “Within just one hour, a profile can go from public to private or even deleted,” she notes.
  • Evidence verification. “Some people post totally false information, so the investigator needs to know where to go to verify that what’s out there is true,” she says. Likewise what they find on information retrieval services, which may not contain the most up-to-date data.

Overall, as Navarro teaches, many different tools exist for evidence capture; investigators must know which are most appropriate for the investigator’s needs at the time. She cites Archive.org as one example of ways investigators can see what a website looked like at a certain point in time.

Most important for investigators to know: “The enormous amount of information at their fingertips,” says Navarro.

Christa M. Miller is Vere Software’s marketing/public relations consultant. She specializes in law enforcement and public safety and can be reached at christa at christammiller dot com.

Surprise!!! The White House Acting Cybersecurity Czar Resigns

Monday, August 3rd, 2009

A not so good announcement today from came from Washington, about the resignation of Melissa Hathaway as Acting Cyberczar. This certainly isn’t a surprise given the inability for the White House to find a candidate. As reported a few weeks ago on Forbes.com the Whitehouse has had some difficulty in recruiting the significant high level Industry executive it’s wanted.

So what does this do for cybersecurity and cybercrime investigation in the U.S.? Nothing, but that is what has been happening for some time now. The direction of the past two administrations has focused in other issues (Bush the War in Iraq and Obama the Economy). Both important distractions but multitasking should the name of the game. The Federal government employs enough people to be able to focus on more than one politicized problem. Simplifying the problem and involve multiple stakeholders in addressing the core issues would be of some help. Unfortunately as an outside observer I’ll I see is a waiting game. Wait until the Czar is appointed and wait until he/she develops a plan, and wait until it is reviewed and wait until we can get the plan funded and wait until congress approves the funding and wait until we can build a bureaucracy to support the project and wait and wait and wait….

Obama may shortly appoint his Cyberczar and we might get some progress on cybercrime but, we also may have to wait awhile.

Cyber Vigilantism or Cyber Neighborhood Watch?

Saturday, March 28th, 2009

Governments across the globe have been trying to deal with Cybercrime and its impact on our communities. Some have done a better job than others in responding to those crimes. The rise in Internet users over the past decade and our dependence on it as a medium for communication has increased the number of concerned citizen users. The Internet is no longer just a tool to do our shopping from our home, or a tool to research a school paper. Through social networking the Internet is truly becoming a community. With those communities come problems, but also concerned citizens, ready to rise up and act in the best interests of their community.

Law enforcement is still grappling with its response to enforcing the law on the Internet. They continue to meet the challenges with mixed results. Because of this enforcement vacuum there recently has been a rise in what can only be described as citizen activists. The rise in social networking has brought together many diverse people. The commonality among them is their willingness to protect their piece of the Internet. As evidence of this are several examples of concerned netizens standing up and taking actions to protect their Internet.

Twitter, the recent social networking phenomenon, gave rise to an incident recently”, as commented on by socialmedia.biz, where a “Twitterer” in Virginia found a threat posted on a Wikipedia page against a school in St. Louis. Enlisting others from the Twitter ranks they tracked down information about the student posting the threat and made plans via Twitter about what to do with the information. The local police department was contacted and the threat relayed. However, the police complaint taker was less than cooperative according to reports and stated he “did not have access to the Web”. Another neighboring agency was contacted and appropriate actions were taken to resolve the issue.

And as far away as China, the Internet is changing the way the people feel about, and communicate. Locating people online has become almost a sport. When unpleasant comments were posted online after the earthquake deaths in the Sichuan province, numerous Netizens researched and attacked the posters online. Even Chinese government officials are not immune from response. With millions of people online, the Chinese government is finding it increasingly difficult to control its citizen’s response to overzealous government officials. Wearing a $25,000 watch in the picture you post on the Internet is not a probably a good idea when your government salary is not enough to cover its cost. The official was later dismissed partly I am sure to the Netizens complaints. In China this growing trend of Cyber-vigilantism is called “renrou sousuo”, or “human-flesh searches”. It is done spontaneously by Netizens to ferret out perceived wrong doers.

To the extreme in this country we have the Texas Border Watch program. This is a novel concept of recruiting Cyber border watchers. Individuals can watch streaming video over the Internet from cameras mounted at various locations on the southern U.S. Border and report suspicious activity. According to a report by NPR, “43,000 pairs of eyes are watching the Texas-Mexico border”. Netizens observations of the border have lead to arrests of wrongdoers.

Cyber Vigilantism is not necessarily new. A few years ago a Korean girl was publically humiliated online after not picking up after her dog on a train. In the late 1990’s Cyber-vigilantism was thought to be a reasonable response to the emerging online crime problem because of law enforcements inability to respond to the problem. Even extremists groups have been tracked by vigilantes on the web. It’s a popular enough concept that Wikipedia has a page defining it.

The dark side of this argument has been groups such as Perverted Justice whose regular work was chasing those who would prey on our children on the Internet. Their member’s antics have been regularly discredited as well as praised for their aggressive and persistent actions which arguably may not be within the law. In the UK recently a law was passed to try and curtail the extreme amount of pornography found on the Internet. The “Extreme Porn” law has given rise to a group, the Enforcers of the Extreme Porn Law, who are dissatisfied with UK law enforcements position about not actively policing extreme porn.

How much have law enforcements response to Internet crime changed in the past decade? Certainly law enforcement has gotten better at dealing with the technology and on many levels their response is better. Many law enforcement agencies are even using social networking sites to communicate with its citizens. But there is no real drive to recruit netizens to become the eyes and ears of law enforcement online. In a recent blog entry by Bill Schrier in his blog “Note from a City CIO” he wrote an article “Twitter, Facebook not ready for Government 2.0”. Ready or not Government will have to address social networking and the netizens on it, more likely sooner than anticipated at its growth rate.

With the isolated examples of netizens reaction to criminal’s online; law enforcement may be missing an opportunity to recruit a neighborhood “Net-Watch” type of faithful following. Law enforcement could guide netizens and encourage their support. With the Internets ability to mobilize vast numbers in response to a crime on the Internet an opportunity exists to establish a major blow to criminals everywhere. People now spend their waking hours, and some with web cameras, their sleeping ones too, online. It may be time for law enforcement to expand its online ranks with properly trained and recruited cyber watchers. It might also be a way of corralling the behavior of some of the Cyber vigilantes that have gone a little far in their attempts to hang online wrongdoers. Look out online criminals, your next door neighbor may soon be watching you.

Threat of Cyber Crime Continues to Increase

Friday, February 13th, 2009

Jim Kouri, formerly the Chief of Police of the New York City housing project in Washington Heights, wrote recently in MensNewsDaily.com about Cyber Crime and its increasing popularity as a criminal endeavor. He rightfully identified that there is a difference between critical infrastructure protection (Cyber security threats) and Cyber crimes (traditional crimes committed through the use of technology). This is far too often overlooked at the national level and appropriate consideration given to both areas. Threats to our critical infrastructure are not the same as Cyber criminals stealing from our citizens. However, from the initial look at a crime, say a “Phishing” scam against a bank, a law enforcement investigator does not know if this criminal act is a foreign state attacking our economic system by trying to make the bank fail, or a teenager from one of the old eastern block countries simply scamming unsuspecting customers out of their funds.

Law enforcement from the outset often ignores these crimes due to the investigative complexity of the crime and the lack of training and tools to effective pursue the evidence. The current economic situation is making things even worse for those agency’s who do attempt to address Internet based crime. In California High Tech Crime Task Forces are being shut down due to the budget crisis. The Northern California Computer Crime Task Force has shut down and the San Diego area CATCH Team will shut down on February 16th. Both of these task forces have made a significant impact on criminals using the Internet to commit crimes. Yet, we are allowing them to close and very little is being done to stop it.

The new administration is due to announce the appointment of its new Cyber Czar. I don’t have a hope for the near future with the President saying one thing before his inauguration:

“As president, I’ll make cyber security the top priority that it should be in the 21st century,” … “I’ll declare our cyber-infrastructure a strategic asset and appoint a National Cyber Adviser who will report directly to me.” (from a speech at Purdue University last July)

And doing another, which is by most accounts putting the new Cyber Czar post several layers down in the Department of Homeland Security. If it does end up in DHS it will be another function unable to deal with the national problem, because the appointee will have to facilitate conversations with the FBI and other organizations outside of DHS responsible for Cyber crime investigation. In addition the new Cyber Czar would have to fight for funding within his or her own organization.

As with the intelligence collection and review issues, as determined by the 911 commission, Cyber crime is another area not coordinated nationally with the many different stake holders in the arena. The better model would be to have the Cyber Czar in the White House with positive control over budgets and agency actions responding to the problem. The National Intelligence Director’s position is the best model for this issue. The problem is not for a single agency to try and solve but it should be the responsibility of a single entity to coordinate the response nationally. Cyber crime is dealt with at all levels of law enforcement in this country, from the City police investigator looking into Vice crime on Craig’s list to International Child Porn rings investigated by the FBI. Yet with all this crime occurring there is no coordination of cyber criminal intelligence or investigations from the bottom to the top.

Lastly, the person selected as Cyber Czar should have a concept of operational response to both the Infrastructure Protection space as well as the Cyber crime arena. They are two different animals and require different skill sets, but complementary responses. We will have to wait and see if the President’s pick is up to the challenge and given the proper authority and resources required to accomplish the mission.

Technorati Tags: ,,,,,,