Computer CrimesComputer CrimesComputer crime is no longer exclusively the realm of the adolescent computer “hacker” who bypasses passwords to enter corporate computers searching for data files and games, as depicted in such movies as War games and Sneakers. More and more, computers are being used in all types of crimes, to include traditional crimes of violence and theft. The investigator of the future must be aware that critical evidence, which can help him, prove or disprove the crime, may be locked away in a computer and/or external storage media and often requires more analysis than part-time, in-house “computer experts” can provide. The successful investigator will recognize that computer evidence is forensic evidence that must be professionally analyzed. (Beare, p. 25-41)
Computers, especially desktop and easily portable laptop-style personal computers are rapidly proliferating throughout society. It is estimated that by the year 2000, 80% of all Americans will use personal computers at home. Virtually all businesses use computers in some way, if for nothing else than to record sales transactions or as a word processor for their correspondence. Yet many law enforcement and investigative agencies do not have dedicated computer crime units. Of those that do, few have the in-house resources either to completely understand and analyze the sometimes complex issues that arise or to fully exploit the information that the computer storage media might contain. The criminal element, on the other hand, is full of individuals who exploit the strengths and weaknesses of computers and find them to be vulnerable targets or, paradoxically, powerful tools. (Charney & Alexander, p. 931-957)
Many articles have been written about computer security and computer crime involving computer security, but few address the potential for the application of computer technology in traditional crimes and the value and availability of evidence that can be obtained from a victims or suspects computer. For the legal professional, law enforcement investigator, or corporate security professional, a thorough knowledge of the potential for computers to be used in criminal activity of all types is critical to combat the many forms of computer crime.
Potential Criminal Applications of a ComputerComputers can be used as the target, tool, or instrument of a crime. Increasingly, valuable information is kept on a companys computers, and is often the target of theft, destruction, or alteration by disgruntled employees, industrial spies, or external hackers. Contrary to popular belief, the outside “hacker” who breaks into a corporations computer system via phone lines and modem connections is rarely as successful as the “trusted insider” who already has access to the system and exploits it for his or her own purposes. Employees being hired away from one company are sometimes asked to bring copies of computer disks with them to the competing company that contain sensitive or valuable data files pertaining to clients, financial records, or research data. Corporate and industrial espionage via computer is increasing. The modern spy no longer needs to use sophisticated miniature cameras or microfilm: Hundreds of pages of computer-stored documents can be carried on a commonly available pocket size floppy disk. In February 1989, a U.S. Army soldier defected to East Germany, taking with him two floppy disks containing key portions of the U.S. General War Plans for Europe, making him the first computer spy in U.S. history. (United States v. Peri, p. 23-45) Disgruntled or careless employees can bring computer viruses into the companys computer system and wreak havoc if effective safeguards are not employed. Corporations are learning that information has value, and can easily be compromised, stolen, or destroyed.
The computer can be a powerful tool used to commit crimes as well, as evidenced by the debit card “cloning” mentioned earlier in this article. In addition, high-resolution scanners are allowing persons to copy legitimate documents, alter the data, and thereby forge new documents with the fraudulent data. In 1994, an individual in Dallas, TX was found to create authentic-looking temporary Texas drivers licenses using his scanner and a laser printer. Insurance cards, money orders, checks, and other documents can be duplicated using easily obtainable graphic editing and publishing programs. Computer stored financial information can be manipulated to cover up embezzlement and thefts. In early 1993, officials at Reese Air Force Base in Texas discovered that a low-level computer operator had altered computerized auditing reports and account records to steal $2.1 million. He was caught only after flaunting his wealth by buying numerous high-priced sports cars. (Green,
(
,
,
,
These were the first serious arrests of computers and disks in history.)
As a result, $30 million in taxes were paid on top of the $90 million stolen from the National Aeronautics and Space Administration.
The resulting loss of $80 million in research and development is estimated to have occurred at about $150 million dollars.
The computer programs used to create false documentation such as phony license documents can be found in most commercial computers, including laptops and servers.
Because of the high-speed Internet connection available at this time, security companies often provide software to run their machines on high-performance servers.
Several U.S. government agencies are working to prevent “remote” manipulation of an Internet data center, such as using proprietary software. This enables such programs to be made, and can then be easily manipulated.
The same vulnerability allows a computer to be hacked using a remote password, as a result of an exploit in an operating system.
The hackers behind the theft of the “computer file” have been able to create large volumes of data at the same time as storing sensitive material in plain text on computer hard disks, using encryption and brute force.
Security researchers, many of whom are not government employees, believe that an important problem that does not require sophisticated computer program analysis capabilities is how the system is compromised by the stolen information.
Crowdfunding is a relatively new way of funding security research and development, and it can be used primarily to buy hardware or software. The most traditional security funds for security researchers would be for security researchers to provide high quality security code (such as code in their own computer program that was modified or modified under different software versions). The purpose of crowding funding security research and development, and developing software that is developed by high quality security researchers at a government, commercial, or philanthropic level, is to offer an incentive to develop software that should make it safer for commercial analysts to examine vulnerabilities in those systems. In addition, the cost of security research and development to the public usually comes from a combination of the costs of software security, security tests, and other funding costs (such as funding from tax dollars or other sources).[/p>
The main method by which the cost of security research and development has increased is the number of developers providing security research and development.[/p>
Because each company is competing for the security of its business, companies in the industry are competitive to hire security researchers without any external funding or special funding from government.
In order for a security researcher to get into funding, he or she must obtain a clearance from the relevant authorities in the country. The most common clearance for a security researcher is provided by the Foreign Intelligence Surveillance Court (of the American Security Council), the Justice Department, and the Office of the Federal Bureau of Investigation.[/p>
The government of the United States does not typically grant to any person who applies for a clearance.[/?url=http%3A%2F%2Fwww.mf.gov/cpsr/info_center%2Fsecurity.html%2F2013_01%21%22%2204] as authorized for the purpose of providing security research and development with regard to U.S. government programs. However, certain national security-related activities are covered under the Foreign Intelligence Surveillance Act:
The government may issue grants under the Foreign Intelligence Surveillance Act to organizations who carry out national security-focused cybersecurity activities.
In 2012, the NSA notified the government that a National Crime Information Center (NCIC) had opened a computer security program called “T-Mobile