FBI asks computer shops to help fight cybercrime
By Peter Boylan
Date: February 05, 2004
Source: COMP USA
Agents with the Federal Bureau of Investigation's Cyber Crime Squad have been approaching O'ahu computer-repair specialists, network consultants and software developers and asking them to report any overtly criminal activity they find in customers' computers.
Owners of computer repair shops reported that FBI agents have come calling for at least a year.
Some business owners and network security consultants favor the approach, which enlists old-school police beat work to combat high-tech crime.
Others — like the executive director of the American Civil Liberties Union in Hawai'i and some local computer users — are wary of the tactic, saying it comes dangerously close to violating a person's privacy rights.
Special Agent Arnold Laanui said the FBI is taking a proactive approach to fighting computer crimes, which are ranked third on the agency's list of priorities, behind protecting the country against a terrorist attack and deflecting espionage.
"The computer arena is so broad and such a part of everyday life," Laanui said. "A good chunk of crimes out there have some sort of computer-based nexus to them."
The FBI primarily is looking for purveyors of child pornography, software used in the piracy of movies and music, and threats to national security.
Laanui said that computers are the "preferred way of trying to cover up sophisticated crime" and the FBI is reacting to that.
Each member of the computer crime squad is given a list of local businesses, Laanui said, with the idea of establishing a working relationship with all of them.
"We're going from gumshoes to gigabytes," he said. "We're not about sitting behind a desk and fighting computer crimes from behind computers."
Agents "are getting out in the public and seeing what's going on, and that is the only way it (computer crimes) can be fought."
'Fishing expeditions' feared
Vanessa Chong, executive director of the ACLU in Hawai'i, said she has no problem with the tactic of asking computer technicians for help if it is employed within the realm of a specific investigation that is intended to capture a specific criminal or criminals.
"I have no problem with a narrowly tailored, specific search, but this has the markings of a fishing expedition," Chong said.
Chong said the action "needlessly violates the privacy rights of honest consumers to find the guilty few."
Computer repair shop owners agree that instances of child pornography always warrant a call to the authorities. But they point out that most of the repair work they do, including crashed hard drives and miswired motherboards, takes place on the system level.
"The work that we do doesn't really require us to rummage through files or documents," said James Kerr, president and CEO of Super Geeks repair shop on King Street. "Because we're so busy and focused on getting the work done, there is no free time to scour through files."
Kerr said all of his "geeks" sign nondisclosure agreements stating that they cannot talk, even amongst themselves, about material that they come across while repairing a client's computer. He said they are encouraged to approach a supervisor if they do come across something that concerns them.
"Our job is to fix computers, not enforce the law. We're here to fix things, not police things," Kerr said. "People's private lives are their private business. If they have child pornography, we're contacting the police. But if they're sharing music files on Kazaa, that's not our business."
Kerr said the FBI approached him a year ago with concerns about one of his clients.
Ryan Joffs, a network security consultant with Fujitsu, one of the nation's largest computer corporations, also said he was approached by an FBI agent. Joffs' encounter took place in a restaurant, and he said they talked for 2 hours about computer crimes.
"If I ran into something suspicious on a customer's computer I would report it, or I would tell them to report it," Joffs said. "It (contacting computer professionals) makes sense. If you pay attention, you may see something you wouldn't think of reporting. It is one of the best means to find illegal things or things they (the FBI) need to look out for."
Laanui said the FBI is not out to violate privacy laws or rummage through people's files.
"Because we are a police agency, people view us as diametrically opposed to the ACLU and civil rights," he said. "We are not looking to conduct searches. We want the public to be wary and informed in the area of emerging tech crimes. If they see something, or they suspect something is afoot, they are free to contact the FBI."
He said agents also attend community events, like PTA meetings, to educate the public about network security.
Highly skilled unit
Without revealing specifics, Laanui said the computer crime squad is a sizeable group of highly trained agents who are up to date on the latest viruses, of which there are more than 70,000.
The agents are highly skilled in a multitude of high-tech disciplines, like how to hack into a system covertly. They often go undercover online, attempting to lure child predators. Laanui said some agents are skilled in the precise practice of extracting information from Palm Pilots.
In addition to their daily duties, the agents spend time in the classroom to stay on technology's ever-evolving edge.
"We're trying to build a rapport with companies, a lot of computer guys don't necessarily know we exist," Laanui said. "Virtually anyone in the high-tech arena is up for a visit with the FBI."
Although Laanui declined to disclose specific numbers of arrests and prosecutions involving cooperation by computer-repair technicians, the squad has made some high-profile collars unrelated to the repair technicians.
Jesus Norberto Evans-Martinez, 34, was arrested March 21, 2003, after the FBI received a complaint from an e-mail service in Copenhagen, Denmark. The complaint alleged that an e-group provided by Internet server Yahoo! was being used to transmit and share child pornography, according to U.S. Attorney Ed Kubo.
The FBI was given several e-mails that had been sent to and from an account, which was traced to Evans-Martinez, Kubo said. Some of the e-mails contained child pornography, and others discussed ways to use alcohol or drugs to have sex with minors.
On the day of his arrest, FBI agents searched Evans-Martinez's Schofield Barracks home and found computers and other items that contained child pornography, including images of him having sex with a girl.
Evans-Martinez faces up to 20 years in prison after pleading guilty to sexual abuse of a minor, advertising child pornography and witness tampering. He will be sentenced Nov. 1 by U.S. District Judge David Ezra.
In April 2003, the Hawai'i-based FBI cybercrime squad arrested Jason Starr, 23, of Pennsylvania, on charges of hacking into 'Ohana Net. The hacking cost the business $8,352.
Joshua Conley, 29, co-owner of Greenlight Design Studios, a Honolulu based Web design and marketing company, said he understands that the FBI is just trying to do their job and that it is only a matter of time before the government gets more involved in the regulation of the computer industry.
"Its a touchy subject," Conley said. "To a point, some of it is necessary, as long as you don't break someone's rights."
Eric Seitz, a Honolulu criminal defense and civil-rights attorney said that if someone takes a computer into a repair shop, they surrender their right to privacy.
"I'm not really sure there is a problem," Seitz said. "You are inviting someone to search your private information system, and if that person finds evidence of illegal activity, that person can report it."
^macro[showdigestcomments;^uri;FBI asks computer shops to help fight cybercrime]