Printer Friendly

Teaming up to fight computer crime.

COMPUTER-RELATED CRIME IS one of the most challenging problems facing American industries today. Computerrelated crime has been escalating at a dramatic rate, but very little detection has been made compared to the magnitude of the problem. What detection has taken place, unfortunately, has seldom resulted in prosecution. If this problem is not addressed, computer-related crime will be a threat equal to the crack cocaine epidemic that engulfs our nation.

As professionals, we are concerned about computer-related crime for many reasons, not the least of which is the cost. I don't think anybody knows what it is really costing us, but we do know the burden is staggering.

We all know about hackers - people who surreptitiously enter systems and intentionally and maliciously destroy or steal data. However, the real concern is white-collar criminals-the insiders who have the confidence of management and then reward that confidence with fraud, embezzlement, larceny, and sometimes even sabotage.

The list of computer-related, whitecollar crimes is almost endless. With the help of computers, these criminals are stealing money, property, and confidential information. Some employees are even setting up their own businesses using government or company computer time and equipment.

Each day computers are becoming more and more user-friendly, which often means criminal-friendly. If we don't take aggressive action now, what will the situation be like in the year 2000?

You can do something. By developing an investigative team, you can effectively reduce the affect computerrelated, white-collar crime has on your company. This team, composed of a coordinator, an investigator, an information system specialist, and an attorney, is the place to begin.

The coordinator. Depending on how your company is organized, the director or manager of security should be the team leader or coordinator. The coordinator's responsibility is to ensure details don't fall through the cracks to be the glue that holds the team and investigation together.

He or she must ensure colleagues communicate through team meetings. The team might get together daily or weekly, depending on the investigation, to talk about its progress. The coordinator also represents the team before top management and law enforcement officials.

The accompanying chart gives some brief but helpful hints on organizing a team for investigating computer-related crime.

The investigator. Depending again on your company's organization as well as its resources, the coordinator may be the investigator; outside investigators may also be used. In any case, the investigator conducts interviews, interrogates suspects, sets up surveillances, and conducts background investigation on key suspects. He or she also provides investigative support to the other team members.

The information systems specialist. The information systems specialist should be knowledgeable, objective, able to maintain confidentiality, able to operate through procedures and under direction, and suitable as an expert witness.

The information systems specialist must be knowledgeable about all the computer systems involved. He or she must understand the hardware and software environment in which the systems operate.

Normally, you would look for a specialist within your own organization. However, you may be selecting an individual involved in the crime. You have to make an informed decision as whether the person, though technically the best, may be involved in the crime.

Data processing personnel are not required to maintain confidentiality in the normal course of their business. But clearly you can't have somebody walking around the data processing department saying: "Guess what I did? I dumped Sally's computer, and she's a crook!" Aside from the likelihood that you'd be sued successfully, it could destroy your investigation. Ensure that whoever you work with is sworn to secrecy and is credible.

Very often, data processing personnel function alone, and their work may not be well documented. Without such documentation, it is difficult to sell a case to a prosecutor. You want a person who will work under direction and as a team member and will follow a documented set of procedures.

Take, for example, an investigation in which you are searching for a piece of a minicomputer. You don't want your specialist sitting at the computer keyboard, typing away at full speed with the disks and tapes spinning and the printer printing a mile a minute without informing you what is going on.

The specialist may present you with a printout that proves the case, but you can't figure it out. How can you testify in court? How will you explain whether there was decent control of that evidence or whether it actually is evidence?

If your case goes to court, you will need to have someone on the stand who can explain the technology-someone who speaks in layman's terms. For example, if your specialist is asked while on the stand how much data was stolen and answers " 20 megabytes, " that person should also be able to explain the significance of 20 megabytes in relation to a regular typed page so the jury can understand.

The attorney. The attorney must develop an educational relationship with the other team members-the coordinator, the investigator, and the information systems specialist.

The attorney must school the other team members in the legalities of conducting suspect interviews and in finding and acquiring the right evidence to make a successful case. Investigators can't just break into an office, empty out a filing cabinet, and grab the records. Computer-related evidence, which is stored on magnetic media, must be preserved as it was originally created. You must be able to prove it is original evidence in court at a later date.

For example, you may think you can simply seize a Lotus spreadsheet and analyze it. However, do you have a copy of Lotus? Is it the right version of Lotus? Do you have a computer you can run it on that is compatible with the computer involved? Do you have a way of getting the information from a computer that might be bolted down somewhere so that you can testify it is an accurate copy of the evidence?

The team, in turn, must educate the attorney about the technology involved in computer-related crime and how magnetic media can be acquired and kept safe for court.

For example, you can't carelessly put a sticker on something like a diskette. If you put an evidence label in the hole where the plastic is, you will erase the data. Obviously, the cost of doing a computer-related crime investigation can be high. This two-way education is critical.

Forty-seven states have some form of computer crime law. The laws range from the very simple to the most complex. Whether it's a state court or a federal court, the attorney has to know what the appropriate statute is and what evidence is needed for a successful prosecution.

The attorney has an additional role to sensitize corporate management to the legal implications of the computerized environment. The attorney can do this by encouraging management to prepare a policy to deal with computerrelated crime. Policies should be in place to direct people on how to respond to a computer-related crime.

The attorney then must acquaint top management with future implications. In these processes, the attorney will become very valuable in counseling both the team and management.

An additional aspect is critical to the success of the team; it has to do with sales. Having someone schooled in law sitting across the table from the prosecutor is very valuable in selling the case. This will provide an edge as your organization competes for law enforcement and prosecutorial resources. An attorney can impress these bodies with the value of the company's proprietary information and its standing in the community.

Thus, if you have somebody who can talk to law enforcement people about the legal implications of a lawsuit or criminal case, you will be in a much better position.

Computer-related crime is one of the key security challenges for the 1990s a challenge that requires a team approach to reduce the impact on corporate America. Build your team now. Work with the team to build controls into your systems that will allow you to prevent, detect, and investigate computer crimes effectively. If you wait until a computer crime is committed, it may be too late.
COPYRIGHT 1990 American Society for Industrial Security
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 1990 Gale, Cengage Learning. All rights reserved.

Article Details
Printer friendly Cite/link Email Feedback
Title Annotation:includes information on keys to success
Author:Littlejohn, Robert F.
Publication:Security Management
Date:Jul 1, 1990
Previous Article:Understanding your shrink.
Next Article:Don't take the fall.

Related Articles
Cyber-crime on the rise.
Crime Busters: Who Are You Going to Call?
Hurdles to Cyberjustice.
Ashcroft Antes Cybercrime CHIPs.
On patrol in cyberspace: a look at progress among local, state, and federal efforts to combat cybercrime, including credit card fraud and identity...
Team approach to cybercrime.
New technology and old police work solve cold sex crimes.

Terms of use | Copyright © 2016 Farlex, Inc. | Feedback | For webmasters