Go back

Computer Forensics and National Security

	Editor Erik Laykin comments on the significance of Digital Evidence gathering and the relationship between the Federal Government and Corporate America.
	Commentary: Computer Forensics and National Security: Where does the buck stop? Posted: Aug 23 2002 By Erik Laykin Recent American studies have shown that the average Internet enabled American worker wastes close to 25 percent of their workday surfing the Web, communicating with friends and engaging in activities that are unrelated to their job. Some business owners today, consider this type of activity to be the most fundamental information technology fraud perpetrated on investors, shareholders and the management of American companies. Irrespective of sophisticated information technology fraud and failures involving insider trading, intellectual property theft, and misappropriation of company assets; the simple act of multiple employees collectively wasting their time on personal matters is enough to drive the overall value of any corporation southward. Consider a simple calculation, a Fortune 1000 company with 20,000 employees, 5000 of which have Internet connectivity, pays an average salary of $45,000 per year across the group. In the above equation, the company would be paying $225 million in annual salaries to the 5000 connected workers. If we were to assume that those 5000 workers suffer from the national average of wasting 25 percent of their workday surfing the Web and being generally unproductive, this would equate to a total wastage of over $56 million. In other words, employees who are trading on Ebay and reading the news on CNN.com are defrauding this sample company of $28,125 per hour. For the cost of one days worth of waste, the company could hire a small staff of specialists to monitor the usage of the corporation’s network. The result would be an immediate increase in productivity through the enforcement of already existing corporate policies and procedures. In recent cases, OnlineSecurity has uncovered massive employee fraud such as the deliberate misappropriation of intellectual property. In each case, corporate managers, executives and investors have been very interested in plugging the holes that allow those vulnerabilities to be exploited. However, rarely does a manager or corporate executive take the steps necessary to increase productivity and remove inefficiency through the utilization of computer forensic and network monitoring tools to abate such fraud. The investigator of information technology fraud working in concert with corporate executives and corporate counsel has a wide variety of tools that are available. These tools perform various functions in the course of an investigation of the day-to-day management of a business from the perspective of reducing risk. OnlineSecurity’s exclusive EPP (Employer Protection Program) and off-the-shelf monitoring tools can be quickly deployed to put the power and control back in corporate hands. They will also allow modifications of work schedules, techniques, systems and employee behavior that can be effectively implemented in real-time. Recent high-profile cases in which the FBI has uncovered child pornography distribution rings throughout the United States, have implicated members of every strata of our society. Only through the thoughtful and preventive application of network analysis and data capture systems can an organization prevent these types of fraud from taking place. The damage to an organization’s reputation caused by public awareness of this type of fraud is irreversible. The United States government, through various organizations, including local state and federal agencies has worked in recent months to create functions that will help alert, identify and mitigate information technology risk. However, as a clear result of the lack of integrated communication between various government agencies and the private sector, it is clear that not only are the multiple agendas overlapping, but many of the new systems which are being constructed do not take into consideration the realities of everyday corporate and personal life. The federal government recently announced that the national monuments of Washington D.C. will be subject to 24-hour video surveillance which will be enhanced with face recognition applications, capturing data of every visitor to the monuments. Additionally, the FBI is now insisting that the “Carnivore Program” (which captures private emails) be installed at every Information Service Provider (ISP). With these two developments, one has to question what checks and balances are in place to ensure that government is not overreaching it’s mandate and to ensure that personal privacy is protected. This week, President Bush asked Congress to approve removal of medical privacy clauses in current law that protect consumers from medical or government organizations trading personal and private medical data without the written consent of the patient. In it’s zeal for unfettered access into the private lives of ordinary Americans, under the guise of protecting us from the wrath of terrorism, is it possible that the federal government is embarking on a ‘land grab’ for our constitutionally protected rights. A case in point is the United States Federal Bureau of Investigations recent proclamation through Director Mueller that it is their intention to scrap the National Infrastructure Protection Center otherwise known as NIPC. This inter-agency center has provided vital daily information collected from various sources to the public and private sector. While it is clear that the center got off to a rocky start, it is important that their mandate continue to be developed and pursued. NIPC has been instrumental in forging alliances with the private sector through an FBI program known as INFRAGARD. This important program has allowed for an open dialogue between private and public sector officials. INFRAGARD’s primary mandate is the protection of the critical infrastructure of the United States through joint cooperation between private and public entities and is regionalized city-by-city and sector-by-sector. Is the proposed dismantling of NIPC a first step to the dismantling of INFRAGARD? Is it a step closer to a government that may act unilaterally on issues pertaining to personal liberty? Congress has felt much frustration due to the inaccessibility of Gov. Tom Ridge’s Homeland Security office. Many in the information technology and security industries share the sense that he has been unaccountable for the office’s direction and expenditures. This sense of frustration was illustrated recently by Senators George Allen of Virginia and Ron Wyden of Oregon who introduced a bill in the Senate that would allow the private sector to have fast track access to government leadership in emergencies that involve high technology. Currently, any private citizen or corporation that has a technology or service to offer for a fee or free would be hard pressed to get the response of a government body or official during a time of crisis. This bill would provide $35 million in grants for improved communications between emergency personnel and members of the private sector. It has been noted by Sen. Allen that this bill would "help remove whatever shackles there are on private enterprise so that government and the American people can benefit from their innovations." The bill would create teams of high-tech experts who would volunteer to help during an emergency, similar to existing programs for search-and-rescue and medical volunteers. This national reserve of experts, who could be contacted by emergency personnel, would assist the United States agencies into recovering from cyber attacks on computer networks and would cut through the red tape which currently prevents the private sector from assisting government agencies. The role of security managers and information technology specialists within corporate enterprises is more important than ever, particularly from the perspective of assisting in the identification of financial fraud and politically motivated terrorist acts. The front line weapon of these battles is our ability to monitor real-time and historical data on computers, servers, routers and other systems that comprise a worldwide network of communications. Once in place, these systems can make the difference between success and failure for the corporate entity. The significance of computer forensics and digital information gathering within our personal lives and the corporate enterprise has never been greater. Large questions loom on the horizon in terms of how much of that data will be available to whom and when. Today, more than ever, it is important to protect and maintain the sovereignty of both personal and corporate entities so that they are not overshadowed by the power and authority of an omnipotent federal government. However, it is also clear that neither can live in a vacuum and it is vital that structures are created and supported on both sides that will allow for a regulated and supervised flow of communications. Information Technology Security professionals today are seeing a greater appreciation for the relevancy of their work as it is becoming clear that we are entering a stage within the information revolution in which our corporate and personal lives are intertwining themselves with the intelligent data networks in a significant and tangible manner. It may be said that we are structuring modern American society in a fashion similar to that of the world’s first human Cyborg: Professor Kevin Warwick, 48 of Oxford England who this week has successfully connected his nervous system to a series of computers which are now monitoring his every impulse and registering those to create the world’s first index of encoded human movement. Go Top