Crimcast welcomes cybercrime specialist Art Bowker to discuss his new book, co-authored with Todd G. Shipley, titled Investigating Internet Crimes: An Introduction to Solving Crimes in Cyberspace. Bowker has nearly 30 years experience in law enforcement and corrections and has written extensively on cybercrime, law enforcement, and corrections. His last book, The Cybercrime Handbook for Community Corrections, (2012) was geared toward managing offenders, including offenders’ Internet use and participation in social media. The book was the first of its kind that focused on cybercrime, pretrial, probation, parole and community corrections.
In 2013, Bowker was recognized by the American Probation and Parole Association (APPA) and the Federal Probation and Pretrial Officers Association (FPPOA), receiving the APPA's Sam Houston State University Award and the FPPOA's Richard F. Doyle Award, National Line Officer of the Year and the Thomas E. Gahl, Line Officer of the Year Award (Great Lakes Region Award) the latter of which is named in honor of the only U.S. Probation Officer killed in the line of duty. These awards all centered on his contributions and efforts in managing cybercrime risk and promoting awareness and knowledge of cybercrime in the field of community corrections. Bowker continues to also write the top rated corrections blog, The Three C's (Computers, Crime and Corrections).
You have a background in law enforcement and corrections. How did you become interested in the study of cybercrime?
First, let me thank you for providing me this opportunity to talk about cybercrime and our new book. My interest in cybercrime dates back to the late 1980’s. I came to the realization that such crimes can have a greater negative societal impact (loss or harm) than many traditional offenses. At that time cybercrime was really the purview of the technically sophisticated or those with access to the victim’s computer system. However, that all changed with the development of “user friendly” technologies. Today, anyone can use the computer to commit crime. Computers and more specifically, the Internet have really changed criminal behavior and how we deal with it. Kids today, with a computer, can commit crimes that previously required one either being an adult and/or access to very expensive equipment. We also have “traditional” offenders adapting computers and the Internet to commit both old and new crimes. The Internet also means that the criminal and their victims can be located anywhere and they don’t even have to have met in the “real” world. The ability to be anyone online and seemingly obtaining complete anonymity also makes these crimes even more challenging for investigators. The increasing use of technology by sex offenders is also very troubling.
Additionally, these criminal behaviors are not static but continue to evolve as the technology changes. Take social networking sites for instance. With their development we have really seen an increase in such crimes as Internet harassment offenses (cyberbullying and cyberstalking) and their negative effect on victims. The development of online gaming has also seen offenders going into virtual worlds to commit crimes. The question is, are we seeing truly new crime or are old ones just evolving? How do we (society and the criminal justice system) address these changes? It is really fascinating and at times scary.
There are numerous cybercrime and/or computer forensic books and texts out there. How is thisbook different?
Let me start by saying that this book developed out of my association with my co-author Todd Shipley. Todd has been at the forefront of Internet investigations and is an International expert in locating, collecting, preserving and documenting online evidence. He also holds the U.S. patent, US 8417776 B2, for Online Evidence Collection. We initially meet when we were both International officers of the High Technology Crime Investigation Association (HTCIA).
During a weekend telephone conversation we both discussed and recognized a need for a resource specific to Internet investigations. Todd happened to have started a draft outline, which we built into our text. From the start we wanted to provide to the investigative community a reference book that would help guide them in dealing with the growing issues of Internet related crime. We heard the frustration with the lack of published material specific to Internet investigations, as opposed to the numerous computer forensic texts. This book was intended to fill the void and provide a focused approach to investigating, documenting and locating Internet criminals. We believe we hit the mark based upon the positive feedback from numerous law enforcement professionals, who believe our text should be required for all new investigators as well as their supervisors and managers. We were recently pleased to hear from one law enforcement professional who read our book and reported that he had recently used the book’s material to successful work several criminal cases. This is exactly what Todd and I wanted for our book!
The target audience of this book is Internet investigators. Do most police departments have investigators focused specifically on Internet crimes, or are these tools and skills something that all investigators should become familiar with?
Before I answer that, I think we have to consider the term “Internet crimes” . Most folks hear the term Internet crime, cybercrime, or computer crime, and think of computer intrusions, hacking, etc. However, criminal acts on the Internet are as varied as there are crimes to commit. Texts have been devoted to the investigation and prevention of computer intrusions and hacking. Our book's primary focus is to provide law enforcement with the basic skills to understand how to investigate traditional crimes committed on the Internet.
Many police departments have computer crime units, which focus on hacking, intrusions, etc. and they may even include a computer forensic examiner or two. However, even in these department they can quickly become overwhelmed if every crime involving the Internet was handled exclusively by their unit. Most small departments have little ability to respond to Internet based crime.
Many times these cases get sent to federal agencies for their attention, which may or may not follow up based upon the loss or harm involved. The point is all crimes committed or facilitated through the Internet are too numerous to be solely addressed by specialized units and/or the federal agencies.
There is also an erroneously held belief by some in law enforcement that Internet crimes are not their problem, noting “The Internet is not my Jurisdiction.” This belief fails to recognize that victims and/or offenders may in fact be in their jurisdiction. No police department should be ignoring Internet crimes effecting their community or criminals operating in their area, abet online.
Todd has a saying, which I fully support, “Make the Internet your regular beat.” We believe that all officers, from the patrolmen up to the chief, have to understand Internet crime and its investigative process. We also believe that agencies must have an online presence to not only investigate these cases but show that they patrol and prevent them when possible. In short, all law enforcement in the 21st Century needs to be able to address crimes with an Internet component.
I would also add that we believe civil investigators need to have the skills and knowledge our book covers as civil matters are increasing having an Internet component as well.
The book does a great job of breaking down complex concepts and technical jargon into a readable narrative. What advice would you give to investigators (or students) that are hesitant to invest time into learning about cybercrime because it seems “too technical?”
First, I think you have to dispense with the idea that anyone involved in law enforcement in the 21st Century, can just let crime involving computers and/or the Internet be left to someone else. More and more evidence involves data found on computers or the Internet. Even crimes that had nothing to do with the Internet leave online traces to witnesses and even evidence. Take the example of the Boston Marathon Bombings. The bombing had nothing to do with the Internet. However, witnesses, photographs, etc. were obtained from Twitter traffic from individuals on the scene after the attack. These leads were eventually capitalized to correctly identify the suspects. Another example is the sex crime case that occurred in Steubenville Ohio. The crime itself had nothing to do with the Internet. However, the social media traffic by witnesses and suspects no doubt played a big rule in the investigative process of the crime. So you see it really is not a choice of whether they should invest time in developing these skill and knowledge. It will be a necessity if it isn’t already.
Okay, now for my advice for how one goes about gaining cybercrime knowledge. It is really the same answer to the question of how one goes about eating an elephant. You must do it one bite at a time and in more than one siting. The same applies to learning about cybercrime. You take small steps; digest the information and then move on to the next topic. I think our book is the first step in that process. To be a modern investigator one doesn’t have to become a computer forensic examiner. However, you do have to know where online evidence can be found, document it, collect it and preserve it. Our book lays out that foundation as it pertains to Internet evidence.
What would you say is the single biggest challenge that investigators face when investigating cybercrimes?
Probably the biggest challenge is when criminals really understand how to be anonymous online and rigorously use the processes and techniques to conceal their identity. This is a challenge but as we have seen in the recent arrests involving Silk Road and other sites on Tor, even the so called “smartest” criminals make mistakes. Investigators have to be prepared to capitalize on those mistakes whenever and where ever they occur.
In the book, you devote sections to topics such as tracing IP addresses and gaining anonymity online. The information you provide is technically “public” knowledge but it is certainly not common knowledge. While writing the book, did you ever feel the danger of giving away too much information? That is, reporting information that may be exploited by cyber-criminals?
This is a very good question. You are right this information is readily available online. It really is no secret. More and more criminals are aware of these techniques. If not, they do online research to find out how to do something. The problem is that there are probably more bad guys than good guys that are aware of these techniques. We hope our book tips the scales in favor of the giving the good guys the informational edge. However, there were a few times where we did leave out details concerning a sensitive high tech law enforcement technique that was not widely known.
You mention that police may use the Internet in a reactive (responding to crimes after they have occurred) as well as a proactive (efforts to prevent crime) manner. What are the most pressing legal/ethical issues with regard to proactive Internet investigations?
Agencies and their investigators have to do their job in a manner that enforces the law but does not violate their citizenry’s rights. Some of the issues concern entrapment, privacy, and in the United States the Bill of Rights, such as freedom of speech, association.
To help make sure agencies are on right side of the legal and ethical issues, before doing proactive Internet investigations the following should occur: 1) have a policy governing the investigation of Internet crimes; 2) have a defined plan of the investigation before going online; 3) use a computer that if compromised will not allow for further compromise of the agency or company network; 4) obtain training for the investigation of Internet related crimes; and last 5) understand the changing legal landscape regarding the use of information you find on the Internet.
This is not just for the law enforcement agencies either. Corporate and private investigators also need to follow these principles.
Can you tell us what you are currently working on? Can we expect another cybercrime book from you in the near future?
Well, now I am keeping pretty business discussing the book and trying to get it the hands of law enforcement and investigative communities. Even so, I have some ideas, such as a book to help the general public minimize their cyberrisk and stay safe online. We will see.
And, finally, what the hell are bitcoins??
Ha Ha, good question. Bitcoin is a digital currency created in 2009 by a pseudonymous developer Satoshi Nakamoto. They are created by individuals using computers which create this cyptocurrency by solving mathematical equations. These equations verify and record all bitcoin transactions payments. In exchange for using their computer resources to run these equations individuals received transaction fees in the form of bitcoins. This process is called "mining." No one regulates the creation of bitcoins. It is all through the solving of these equations, which all record all bitocin transactions. A set amount of bitcoins is to be created, 21 million bitcoins I believe, which is estimated to be reached by 2140. Most bitcoins are obtained not by mining but by exchanging regular currency for bitcoins. They can also be converted back to regular currency for a fee. Current exchange rate on February 4, 2014, was 1 Bitcoin = $803.99. The exchange rate is still rather volatile.
Bitcoins allow individuals to buy and sell goods without a third party entity, such as a bank or credit card processing company. Bitcoin owners are identified not by their name but ownership of a cryptographic keys. These keys make up the bitcoin wallet. This gives individuals a sense of anonymity, which criminals want, when dealing with illegal transactions.
Bitcoins have been used to purchase legal as well was as illegal goods. The Silk Road arrests noted earlier involved individuals allegedly selling drugs for bitcoins. Individuals also like bitcoins because there is no government controlling its value, such as by determining how many are in circulation at anyone time.
Besides being used for illegal transactions, bitcoins also can be a target for theft or fraud. Whether Bitcoins become fully accepted by the market place is still up in the air. The interesting thing again is technology has created a new currency, which can be used for good or criminal purposes.