Special Report: Digital investigations: difficult, expensive'and necessary

The bank robber Willie Sutton famously said in the 1930s that he robbed banks 'because that's where the money is.' So no one should be surprised today at the extent of crime in cyberspace'from credit card fraud to identity theft to 'Nigerian bank' scams.

Every other week, it seems, reports surface about stolen personal information'sometimes on a grand scale, and sometimes involving the identities of government employees.

But these cases, as numerous and high-profile as they are, reflect just a small number of the roles computers now play in criminal acts.

'A computer can be used in almost any crime, whether they're keeping their books on a computer or doing research' for a planned crime, said Ovie Carroll, a special agent in the computer crimes unit of the U.S. Postal Service inspector general's office.

At the same time, computer forensics also is becoming a necessary function for agencies whose missions seem unrelated to law-and-order issues.

Agencies 'need forensics for day-to-day personnel matters,' said Mike Gibbons, former head of the FBI's computer analysis response team, now vice president of federal security solutions for Unisys Corp.'s U.S. Federal Government Group. 'There are standard business issues'discrimination, harassment.'

Organizations are struggling to keep up.

'There are thousands and thousands of fraud examiners who examine anything having to do with fraud,' said George Bar, director of marketing for Intelligent Computer Solutions of Chatsworth, Calif. 'Most of these guys are in their 40s, with a lot of experience in auditing, but they find it hard to adjust. ... They're used to coming to an office, opening drawers, files, etc., and finding everything. In the meantime, since the 1980s, everything they're looking for is now on a small device called a hard drive.'

Trying to find the right documents in a mass of data is equally daunting. The records held on a 512MB thumb drive, if printed and stacked, would reach the height of the Washington Monument, Carroll said. (That's 555 feet, if you're curious.)

To meet the challenge, computer forensics has emerged as a fast-growing specialty within law enforcement, and many agencies either are developing in-house capabilities or making arrangements to draw upon others' expertise.

'Five years ago a computer forensics expert would be part time,' Carroll said. 'Now it's becoming a career discipine. In many law enforcement agencies it's a two- or three-year tour of duty.'

But it's also an expensive proposition. David Trosch, branch chief of the computer investigations and forensics unit of the Diplomatic Security Service at the State Department, said the high-end computers his group uses cost $7,000 to $8,000 each, and each workstation has at least three or four of them.

'They're not your usual desktops'they have serious crunching capabilities,' he said.

The USPS' Carroll said manpower requirements are just as costly.

'It's very expensive to recruit and retain professionals,' he said. 'There are many disciplines in law enforcement and the federal government. You go through the initial training to qualify to do the job, but beyond that there's not the burden for recurring training. Computer [forensics] is the complete opposite'you have to do recurring training.'

And the government faces an uphill battle, because the lure of the private sector in such a hot field is always there.

'Once you go to work for a company on the outside, it's really a very sought-after and expensive job,' Unisys' Gibbons said. 'I literally hired someone for over $100,000 a year, and he was hired away within two weeks when he got a $50,000 bump.'

But the investment is a necessary one.

'I think we have to stay very vigilant, extremely vigilant to cybercrime, and that's an expensive endeavor,' Carroll said

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above