High-Technology Crime Investigator's Handbook: Establishing and Managing a High-Technology Crime Prevention Program

By Gerald L. Kovacich and William C. Boni

The high-technology crime investigator's profession is one of the fastest growing professions in the world today, as information security issues and crimes related to them are growing in number and magnitude at an ever-increasing pace. High-Technology Crime Investigator's Handbook, Second Edition, informs professionals of the potential risks of computer crimes, and serves as a guide to establishing and managing a high-technology crime investigative program. Each chapter is updated with the latest information and guidance, including added coverage of computer forensics and additional metrics to measure organizational performance. In addition, nine new chapters cover emerging trends in the field, and offer invaluable guidance on becoming a successful high-technology crime investigator.

• Provides an understanding of the global information environment and its threats
• Explains how to establish a high-technology crime investigations unit and prevention program
• Presents material in an engaging, easy-to-follow manner that will appeal to investigators, law enforcement professionals, corporate security and information systems security professionals; as well as corporate and government managers

• Language: English
• Publisher: Elsevier Science
• Release date: Apr 1, 2011
• ISBN: 9780080468204

Gerald L. Kovacich

Dr. Gerald L. Kovacich has more than 40 years of experience in industrial, business and government security, investigations, information systems security, and information warfare, both in the U.S. Government as a special agent, in international corporations, and subsequently as an international consultant and lecturer. He retired as the Information Warfare Technologist, Northrop Grumman Corporation to pursue a career as an international consultant, lecturer and writer.

Book preview

Goethe

Part I

Introduction to the High-Technology Crime Environment

Outline

Introduction

Chapter 1: What Investigators Should Know About the High-Technology-Supported Global Environment and Its Threats

Chapter 2: High-Technology Crime Miscreants: Profiles, Motives, and Philosophies

Chapter 3: The Basic Techniques Used by High-Technology Crime Miscreants

Chapter 4: The Basic Information Systems Security Techniques Used to Defend Against High-Technology Crime Miscreants

Introduction to the High-Technology Crime Environment

This is the new high-technology crime investigators’ crime scene.

The objective of this section is to provide professional high-technology crime investigators, managers, and supervisors, in either the business or government agency sectors, a basic understanding of the high-technology environment in which we live, work, and play. For high-technology crime investigators to establish and manage a high-technology investigative unit and to conduct high-technology crime investigations successfully, they must have a basic understanding of the topics discussed in Chapters 1 through 4.

In Chapter 1 we provide an overview of high-technology-related threats on a global scale. This is a new chapter, but it incorporates the discussion of basic computer systems (sometimes called information systems) from the first edition, which is an absolute necessity if the high-technology crime investigator is to be successful in establishing and managing a high-technology anticrime unit, to manage and supervise high-technology crime investigators, and to conduct high-technology crime investigations.

Chapter 2 was placed here based on feedback from some of our readers. In it we discuss what knowledge the investigator should have as a basic understanding of these miscreants, their motives, profiles, and philosophies. This chapter provides an overview of these individuals and groups.

Chapter 3 provides the high-technology crime investigator a nontechnical overview of some of the basic methods high-technology miscreants use to conduct their criminal deeds.

Chapter 4 closes this section by providing an overview of the basic high-technology protection philosophies, methods, and processes that are used to protect the valuable assets of the global information environment’s businesses and government agencies.

1

What Investigators Should Know About the High-Technology-Supported Global Environment and Its Threats

Publisher Summary

This chapter provides an overview of high-technology-related threats on a global scale. It discusses basic computer systems, sometimes called information systems, which is an absolute necessity if a high-technology crime investigator is to be successful in establishing and managing a high-technology anticrime unit, to manage and supervise successfully high-technology crime investigators, as well as to conduct high-technology crime investigations. Although the discussion of high-technology crimes and establishing and managing a high-technology crime unit is focused primarily on the corporation, it is also generally applicable to government agencies, nonprofit businesses, and the like.

In this chapter we provide an overview of high-technology-related threats on a global scale. This is a new chapter, but it incorporates the first edition’s discussion of basic computer systems, sometimes called information systems, which is an absolute necessity if the high-technology crime investigator is to be successful in establishing and managing a high-technology anticrime unit, to manage and supervise successfully high-technology crime investigators, as well as to conduct high-technology crime investigations. Although our discussion of high-technology crimes and establishing and managing a high-technology crime unit is focused primarily on the corporation, it is also generally applicable to government agencies, nonprofit businesses, and the like.

INTRODUCTION

The world continues to change and does so more rapidly than ever before. These rapid changes are driven by technology—high technology—based on the microprocessor, which is the engine for all high-technology devices. These devices are known as computer systems, networked systems, information systems, knowledge-based systems, and so forth.

For our purposes, let’s just keep it simple and call computers, whether they be networked or standalone and regardless of their use or configuration (e.g., PDA, cell phone, notebook, networked or nonnetworked desktop), all high technology.

Although our discussion of high-technology crimes and establishing and managing a high-technology crime unit focuses primarily on corporations, the text of this book is generally applicable to goverment agencies, nonprofit businesses, and the like.

We will assume that the high-technology crime investigator has at least a basic understanding of computers and how they operate. This is necessary because the crime scenes encountered by the high-technology crime investigator will be high-technology based, as are the victim’s high-technology devices. (If you need more information about how computers work, a basic intro to computers textbook will suffice; however the more one knows of high technology, the better. Much of this information was addressed in the first edition of this book and is not repeated here because we believe that, by now, you should be familiar with computers and their basic operation and know the difference between a bit, byte, RAM, ROM, TCP/IP, and so forth.)

THE GLOBALIZATION OF THE MARKETPLACE

Unless you have lived in isolation for the past several years, by now you have heard the term globalization. Some have grown to detest the use of the term as much as they have paradigm shift, which has also often been overused in the corporate world. However, the term globalization does convey a vision of an environment, one that most of us live in today. This single word helps us visualize what has gradually been taking place in the business world throughout the centuries and, more important, during the 5 years since we published the first edition to this book. By globalization of the marketplace, we mean that the world is now one big marketplace in which the businesses of the world buy, sell, and trade everything and anything.

Globalization: the process by which social institutions become adopted on a global scale…, the process by which a business or company becomes international or starts operating at an international level.¹

The Global Competitiveness Report 2004–2005² lists the top 15 most competitive nations:

1. United States

2. Finland

3. Germany

4. Sweden

5. Switzerland

6. United Kingdom

7. Denmark

8. Japan

9. Netherlands

10. Singapore

11. Hong Kong Special Administrative Region (SAR)

12. France

13. Australia

14. Belgium

15. Canada

These rankings are probably what you may have envisioned. (See the full report for more information and for the complete rankings of the nations.) The point of all this is that the world is rapidly changing, getting smaller and connected (Fig. 1-1). Furthermore, the more nations that become high-technology driven, the more the miscreants of the world will take advantage of this global environment to damage, steal, and destroy information and information systems of the globally dependent, high-technology-dependent corporations, small business, and the unsuspecting public.

Figure 1-1 The world to talk to the world—from any place to anywhere.

So, because high technology provides the driver and support to globalization—the world talking to the world—the world has gone flat. In his book The World Is Flat: A Brief History of the Twenty-First Century, Thomas L. Friedman³ provides a discussion of the ten flatteners of the world:

1. When the walls (Berlin) came down and the windows (Microsoft) went up

2. When Netscape went public

3. Workflow software

4. Open sourcing: self-organizing collaborative communities

5. Outsourcing: Y2K

6. Offshoring: running with gazelles, eating with lions

7. Supply chaining: eating sushi in Arkansas

8. Insourcing: what the guys in funny brown shorts are really doing

9. In-forming: Google, Yahoo!, MSN Web Search

10. The steroids: digital, mobile, personal, and virtual

By viewing this list, you can get some idea about how the flattening of the business world has taken place. The days of stovepipes (standalone entities within the corporation or within the global marketplace) in the business world are quickly ending. Businesses can no longer afford not to flatten their corporate structure and their part of the global environment if they are to compete successfully for their global market share.

Your crime scene is no longer just a stand-alone, nonnetworked desktop computer system on some corporate desk in New York City. Now, that computer is networked to the other computers of the corporation’s local area networks (LANs), wide area networks (WANs), the Internet, and from there to the world.

As a crime investigator, or even a high-technology crime investigator, you may be wondering what all this has to do with conducting investigations, even high-technology crime investigations. The answer is simple: The global business environment, with corporate computer tentacles attached to about everything and anything in the global marketplace, has become your crime scene; the world may now be your crime scene. A crime scene where, as a law enforcement officer, private investigator, or security investigator, you may lack not only jurisdiction but the global reach necessary to investigate a high-technology crime.

HIGH TECHNOLOGY IS RAPIDLY CHANGING THE WORLD

If you are involved in any activity in which high technology is used as a tool to help you accomplish your work, you will be aware of the tremendous and very rapid advances that are being made in this arena. It is something to behold.

If we look back at the 20th century, we see major high-technology inventions becoming commonplace (Fig. 1-2). Imagine what the 21st century will bring!

Figure 1-2 A brief history of 20th-century high technology.

We are in the middle of the most rapid technological advances in human history, but this is just the beginning. We are not even close to reaching the potential that high technology has to offer, nor are we able to predict its affect on all of us—both good and bad.

"In 1994, people had to call the bank to check their balances. Or inquire in person, or wait for a paper statement to arrive in the mail. Baseball box scores were found in the newspaper. Weather forecasts came over the phone from the weather bureau, or on TV. Then along came the Internet and an experimental browser called Mosaic, followed by an improved browser from Netscape.

And if you had a computer, you discovered a new way to this cool, new thing called the World Wide Web. Mosaic and Netscape were the first popular connection to what came to be called the information superhighway. According to the Pew Internet & American Life Project, less than one in five Americans were online in 1995. Today, the majority of Americans are surfing the Web, exchanging e-mail, reading bank statements and ball scores, checking the weather. Today, Pew says, two out of every three Americans spend time online."⁴

It is said that there have been more discoveries in the last 50 years than in the entire history of mankind before that time. We just have to read the papers and the trade journals to look at every profession and see what high technology is bringing to our world. New discoveries are being made in medicine, and there are expanding online and worldwide information systems; we can now hold teleconferences across the country and around the globe. A short summary of the last few centuries of high-technology advances in calculators and computers have included the following⁵:

• John Napier shows how to multiply and divide using rods or bones.

• Blaise Pascal invents adding machine.

• G. W. von Leibniz invents the adding machine with geared wheels.

• Joseph Jacquard uses card-controlled looms to weave designs into cloth.

• Charles X. Thomas introduces the commercial calculating machine.

• Charles Babbage invents the analytic engine, foreshadowing computers.

• George Boole publishes treatise on binary algebra.

• Charles Sanders Peirce applies Boolean logic to electric circuits.

• Lord Kelvin develops the analog computer to predict