National Association of Attorneys General
NAAG-Led Executive Working Group Discusses Computer Crime
Colorado Attorney General Hosts First Meeting of EWG to be Held Outside of the Nation’s Capital
On January 18, 2008, the Executive Working Group on Prosecutorial Relations (EWG) met for the first time outside of Washington, D.C., hosted by Colorado Attorney General John Suthers at his office in Denver, Colorado. The EWG is comprised of principal representatives from the National Association of Attorneys General (NAAG), the National District Attorneys Association (NDAA) and the U.S. Department of Justice. The group was formed more than 30 years ago in an effort to increase cooperation among federal, state and local law enforcement and prosecutorial agencies. The overriding purpose is to provide a forum for federal, state and local law enforcement to engage in open and candid discussions regarding areas of mutual concern. The chair of the EWG rotates among the three member organizations. Indiana Attorney General Stephen Carter and Pennsylvania Attorney General Tom Corbett are currently serving as co-chairs of the group on behalf of NAAG.
As is customary, the meeting featured a discussion with the U.S. Attorney General. Recently confirmed Attorney General Michael Mukasey discussed his department’s priorities for the coming year. These priorities are national security, violent crimes, public corruption and border security.
The bulk of the meeting focused on issues related to computer crime and included information on legislative initiatives, updates on the techniques used by criminal enterprises and information on potential partnerships and training.
Representatives from the National Cyber Forensics & Training Alliance (NCFTA) presented an overview of their organization and how it might be of assistance to state and local prosecutors/investigators. With both an analytical function, as well as law enforcement personnel from the Federal Bureau of Investigation (FBI) working within it, NCFTA provides a full range of services for companies and law enforcement agencies in identifying, tracking and responding to emerging threats to information and network security.
As a non-profit organization, NCFTA serves as a “safe-harbor” for technology companies that provide vital information without fear of commercial trade secrets being put into a public forum, resulting in a competitive disadvantage. NCFTA products include intelligence assessments, alerts and bulletins, client-based products, trend reports, training videos, tutorials and presentations.
Participants were given information on emerging threats from the increased use by criminal groups of bot nets – a network of personal computers taken over by the criminal group using malicious software to gain access and control. These networks of commandeered computers are used for a variety of criminal purposes including spam, identity theft, hacking into financial accounts and intercepting personal financial data. Pharmaceutical fraud is also increasing with industry working together with NCFTA, the FBI, the U.S. Postal Inspection Service and others to target counterfeiters, spammers and re-shippers. Chinese, Russian, Canadian, Indian and Pakistani criminal groups are very active in this area. Other areas of concern and increased attention include “carding” forums – websites in which credit card numbers are sold; “pump and dump” stock schemes; and the increasing use of virtual communities by criminal groups – such as Second Life and others.
Participants also heard about recent legislation in Colorado concerning computer crime. Prior to July 2006, there were no specific cyber-related criminal statutes. That changed with the passage of legislation related to Internet luring (with no actual meeting being required to trigger the violation), as well as prohibitions against using a webcam to send inappropriate images. In the 18 months since passage of these measures, more than 250 offenses have been charged, directly proportionate to the number of personnel dedicated to enforcement – the more devoted personnel, the higher rate of discovery of offenses. In addition, Colorado is considering legislation to criminalize the misuse of computers to manipulate the online purchase of tickets for entertainment events. Nicknamed the “Hannah Montana Bill” as a result of the online manipulation of ticket sales for a concert featuring the star of the popular Disney Channel show, the legislation also reflected the experience of Colorado with the sale of World Series tickets this past October. In both cases, organized criminal elements launched massive waves of straw purchases within minutes of ticket sales opening in order to bypass limits set by the vendor, effectively selling out the event almost instantaneously and providing an opportunity to inflate the prices of the tickets available to the public. The measure is currently working its way through the Colorado legislature.
Many places are starting to follow the trend of using the Internet for new and innovative ways of conducting screenings of job applicants. Employers are using profiles on MySpace and other social networking sites to screen potential employees, although many job applicants view their “online life” as separate and distinct from “real life.” Unfortunately, for these applicants, that is no longer the case with instances of lost job opportunities as a result of information found on their very public online profiles.
Social networking sites were also a hot topic with respect to access by parolees and registered sex offenders. Indiana currently has legislation pending that would affirmatively bar any registered sex offender from setting up a profile on a social networking site. In Colorado, certain offenders must abstain from accessing social networking sites as a condition of their parole.
Representatives from the Computer Crime and Intellectual Property Section of the Department of Justice (CCIPS) talked about the changing landscape of computer crime. Traditional computer crime had involved hackers and fraudsters, usually operating independently, who attacked non-critical insular targets − usually for bragging rights for their ability to gain access to that which was forbidden. Recently, however, cyber attacks are being perpetrated by highly sophisticated international criminal groups as a result of increasing financial gains that can be obtained through various schemes. With large financial rewards potentially available, as well as the relative anonymity, lack of oversight and jurisdictional concerns, cyber crimes provide an attractive area for criminal enterprises to expand into.
Participants were also given information on the specially designated Computer Hacking and Intellectual Property (CHIP) units within each U.S. Attorney’s office. Seeking to protect the nation's businesses and citizens from the rising tide of computer crime and intellectual property theft, the CHIP units have at least one specially-designated federal prosecutor in each federal district who works closely with the FBI and other agencies to establish a relationship with the local high-tech community and to encourage them to refer cases to law enforcement.
A recurring theme in all of the presentations quickly emerged – the relative dearth of specialized training available to prosecutors on computer crime issues. As a result of the representation of federal state and local law enforcement, the group may in fact be uniquely situated to bring together the best of existing training opportunities and will further explore potential projects.
The Department of Justice also briefed the group on H.R. 3887, the William Wilberforce Trafficking Victims Protection Reauthorization Act of 2007, provisions of which federalize the crime of pandering. This particular crime has traditionally been enforced at the state and local level. In addition, as a result of the broad language expanding federal authority in this area, certain people who might not be traditionally considered victims of trafficking could potentially be designated as such, including individuals voluntarily engaged in prostitution. Once so designated, these people would be eligible for services funded under the Crime Victims Fund (VOCA), taking resources from those asserting victimization as a result of human trafficking.
The next EWG meeting will be held on May 23, 2008, in Washington, D.C. and will focus on issues related to public corruption. This meeting will also conclude NAAG’s rotation as chair with the Department of Justice assuming leadership at the conclusion of the May meeting.