Security News > 2004 > July > Book excerpt: High-Tech Crimes Revealed: Cyberwar Stories from the Digital Front

Book excerpt: High-Tech Crimes Revealed: Cyberwar Stories from the Digital Front
2004-07-22 11:51

http://www.computerworld.com/securitytopics/security/story/0,10801,94643,00.html [ http://www.amazon.com/exec/obidos/ASIN/0321218736/c4iorg - WK] Book (Excerpt) by Steven Branigan JULY 20, 2004 COMPUTERWORLD This excerpt is from Chapter 3, "If He Had Just Paid the Rent" from High-Tech Crimes Revealed: Cyberwar Stories from the Digital Front "The prisoners will not be harmed, until they are found guilty." -Q, in "Encounter at Farpoint," from the television series, Star Trek: The Next Generation Introduction The problem with many criminals is that they get addicted to illegal behavior. The excitement that comes from committing the first crime has its roots in the fear of getting caught. If they don't get caught, they are encouraged to do it again and possibly again. As they get away with more crimes and infractions, they begin to feel untouchable. Eventually, they feel like they can commit any crime and get away with it. Fortunately for us, that becomes their fatal flaw. All of these little crimes eventually catch up with them. This is why police training teaches cops to investigate small crimes, because they can lead to the discovery of much larger ones. Of course, you can never tell when a small incident will turn out to be nothing or become a pretty big deal, so it is important to examine them all. Take the case of our new friend, Wesley. He was renting an apartment in New York City for about $2,000 a month. NYC is a tenant-friendly city, so it is difficult to evict a deadbeat occupant. It did not take much for Wesley to figure this out, and soon he stopped paying the rent on his apartment - which went on for months. As you might imagine, his landlord William didn't like this at all. William was getting weary of trying to chase him down to collect the rent. He would get evasive answers and empty promises of payment, but no money. After six months of fighting for some attention, he had enough and decided to proceed with legal action. It was time to evict Wesley. It was not an easy route, but the way he saw it, he simply had no alternative. The eviction William hired a lawyer and filled out the necessary paperwork to start the eviction process. In NYC, this can be very tricky, and trying to do it without a lawyer is often a mistake. The process requires a final, formal demand for the rent. Once this is done, and after a few more steps, the case can go to court. Only through a trial can the landlord get the legal authority to forcibly evict the tenant. When he gets the judgment in his favor, he gets a Warrant of Eviction, which empowers the government to physically remove a person from his rented home. In this case, Wesley went without paying the rent for six months before the Warrant of Eviction was finalized and assigned to Sheriff Yar to execute. Expulsion can be either difficult, or more difficult. Difficult is when the tenant is in the place at the time of the eviction. The Sheriff lets the tenant take his personal belongings and escorts him out of the apartment. The more difficult option is when the tenant is not there. The Sheriff then needs to forcibly enter the apartment and remove the personal property that is inside, usually putting it on the street. Either way, once the process has been completed, the apartment is turned over to the landlord. Tenants can usually sense that they are about to be kicked out of their residence, especially when they haven't been paying rent for a while. By that time, they have usually vacated the apartment, taking away anything of value. Wesley wasn't this bright. There was no one home when Yar arrived, and it was beginning to seem as if Wesley had skipped town. Because William was there as well, he was more than happy to open the apartment for Yar. Upon entry, it was obvious that Wesley had not cleared his apartment out, as there were quite a few televisions and other strange electrical equipment. This seemed very odd, and Yar immediately suspected that the apartment was being used to store stolen goods. Because the equipment might have been considered evidence of a crime, leaving it on the street was not an option. He needed help and wanted to contact the NYPD to have them check it out, but what was he going to do with the apartment in the meantime? Unfortunately, since this was not an emergency, he could not call and wait for them. Instead, he would need to set up a time when they could come by and in the meantime secure the site to prevent Wesley from coming back in. He could not let William have his place back -- not yet. Oh great, William thought, he would have to wait even longer before he could rent out the apartment again. So Sheriff Yar padlocked the door, put some yellow tape across its opening, and posted a notice that an eviction warrant was being served. He wanted to make sure Wesley was not going to be able to remove or destroy any of the evidence. Now he could go contact the NYPD. Wesley arrived to his "apartment" later in the day to find out he was being evicted and could not get in. Panicked, he called William and was informed that he was being expelled because he failed to pay rent for six months, owing $12,000. Wesley profusely apologized and asked to meet with him to take care of his debt. William told him that he would take only cash, no checks, because he knew it was his only chance to get the money he was owed. Somehow, in a matter of minutes, Wesley got the money together to pay his overdue rent. It was hard to believe this was the same guy that was hard to find and unwilling to pay just a couple of days before. William could not believe his eyes and eagerly took the cash. Wesley, after taking a deep breath of relief, asked to be let into his apartment. William told him that now he would need to speak to Sheriff Yar, because that's who now had control over the apartment. Wesley got really upset and tried to argue to get his money back, but William, being a true New Yorker, knew better than to give him the cash back. Getting the back rent paid was a nice surprise for William, but since Sheriff Yar had the apartment, he still did not have an apartment to rent. The NYPD cops arrived quickly to inspect the apartment. They immediately determined that the "TVs" in the room were actually computer monitors. The "other electrical stuff" was computer and networking equipment. With that mystery solved, a new one arose. What were all of these devices being used for? This was a residential apartment, not an office, so this equipment seemed very out of place. The cops were unsure as to how the equipment was being utilized and decided to play it safe. They posted a couple of officers to guard the place and left. They decided to leave the apartment and find a law enforcement agency that specialized in computer cases. In NYC, Supervisory Special Agent Robert Weaver of the New York Field Office of the U.S. Secret Service had just recently started an experimental multijurisdiction, multidiscipline task force known as the New York Electronic Crimes Task Force (NYECTF). It is comprised of agents from the Secret Service, the FBI, the NYPD, and the State Police, along with representatives from the high-tech industry that specialize in computer crime investigations and computer forensics. The NYECTF, with its diverse makeup and expertise, was designed to handle cases just like this. The NYECTF agents accepted the case but were not able to come down to inspect the location immediately because they needed to get a search warrant. As we are well aware, those can take a couple of days to get completed. So in the meantime, members of the NYECTF were able to get some cops from the NYPD to continue guarding the apartment while the paperwork was completed, ensuring that the potential evidence inside the apartment was not compromised. A simple twist Wesley's panic grew. Not only could he not get into his apartment, but also the police were either looking through his stuff or were about to look through it. He was scared and desperate, so he decided that he needed to do something. Calling upon his fantastic criminal mind, he set about a course of action. He broke into his own apartment (which was under surveillance) through a window and came out quickly, running off with a laptop computer. The police officers that were guarding the place were caught by surprise. Who would have expected that a tenant who had been evicted from his apartment would want to break back in? It seems very funny today, but a few years ago, law enforcement did not think that high-tech crimes would inspire such amazingly bold acts. At that time, no one would have expected it. Sadly, when the police finally realized what was going on, Wesley was already gone. Apparently there was something very valuable to him in that computer. Of course, the cops felt really embarrassed that they allowed this to happen. Their sergeant, a bit frustrated, replaced them with different officers who were more careful. NYECTF I got involved in this case together with one of my friends, Hugh, because we were part of this new task force. We were pleased to be able to offer our computer and telephone expertise to help the NYECTF. Hugh was a seasoned telecommunications security professional, having worked for companies such as New York Telephone and Nynex for many years. He was very knowledgeable and easy to work with. Some members of the organization, who asked to meet with us in NYC, called us in. They had an assignment coming up and wanted to discuss some options, so we got together with them at their office in 7 World Trade Center early in the evening. From there, we went down to the parking garage of 1 WTC (the north tower). Because of the bombing of the WTC garage by fanatics in 1993, additional security had been put into place. You needed official permission and a special pass to gain access. The guys on the task force definitely had the pull to escort us in. The Secret Service had a section of the garage reserved for them. Here, they stored their government vehicles, affectionately known as G-rides, and parked their personal cars. We met there to discuss the upcoming search and to help load the van with the equipment that would be needed. One of the things that Hugh noticed right away was a "Nynex" vehicle that just did not look right. He turned to Bob, pointed to the van, and politely asked, "What the hell is that?" With a smirk, Bob told him that it was one of their undercover vans. Hugh responded that it made sense, because it wasn't a real Nynex truck. To this day, none of us could tell how Hugh knew! High-tech crimes revealed After a little while, it started to sink in to Hugh and me where we were. The garage walls were painted green in some sections, yellow and red in others -- not a usual color scheme, to be sure. We were told that the red paint signified the area where the bomb had been set off three years prior, at level B-2. We finally understood we were near the location where the truck bomb was set off back in February 1993. This was a very somber moment for us. As we stood in the building's foundation, I remember marveling at the immensity of the structure, thinking that it would be nearly impossible to significantly damage these massive buildings that were reaching nearly a quarter-mile into the sky. Sadly, recent history has proven me wrong. The rest of the night was spent preparing the computer forensic equipment for the search, which was scheduled for the next day. We were assembling cartons, power cords, any disk duplicators that we could find and items of the like. This was just some basic preparation that needed to be done. [...] _________________________________________ Help InfoSec News with a donation: http://www.c4i.org/donation.html


News URL

http://www.computerworld.com/securitytopics/security/story/0,10801,94643,00.html