Federal Identity Theft Investigations Richard W Downing Assistant
- Slides: 28
Federal Identity Theft Investigations Richard W. Downing Assistant Deputy Chief Computer Crime and Intellectual Property Section U. S. Department of Justice
CCIPS • Established in 1991 and now almost 40 attorneys • Prosecute– – Computer intrusion and damage cases – Intellectual property cases • Provide technical advice re: search and seizure of electronic evidence • Legislation and Policy development • Train prosecutors and investigators
What we can do for you– • Advise on searching and seizing electronic evidence • Assist in investigation and prosecution of hacking and IP crimes • Research resources – Search & Seizure Manual (2002) – IP Manual (2006) – Network Crimes Manual (forthcoming) • 24/7 duty line: (202) 514 -1026
Agenda • Investigation of a Major Database Theft • Investigation of a Secondary Market for Identity Information • Complications in Online Investigations • Conclusion
Agenda • Investigation of a Major Database Theft • Investigation of a Secondary Market for Identity Information • Complications in Online Investigations • Conclusion
United States v. Scott Levine • Victim: Axciom, Little Rock, AK • Crime: Theft of over a BILLION customer records • Trail led back to Snipermail, and its CEO: Scott Levine • Various other employees pled and cooperated • Convicted after lengthy trial • Sentence: 96 months
Agenda • Investigation of a Major Database Theft • Investigation of a Secondary Market for Identity Information • Complications in Online Investigations • Conclusion
Carding Sites
Centers of Online Crime • Financial Crime – Credit Card Fraud – Bank Fraud and Money Laundering – Identity Documents • Computer Crime – Hacking Services (Intrusion, DDOS, etc. ) – Custom Malware (Viruses, Trojans, etc. )
WHAT CAN YOU PURCHASE? • • • Financial account information Credit Cards Passports Driver’s licenses Birth certificates Social Security cards Credit Reports Insurance cards Diplomas
Counterfeit Licenses and Credit Cards
Shadowcrew. com
Hierarchical Structure
Control over Shadowcrew • USSS Newark FO Took Control of Site – Complete Monitoring of Content – Knowledge of Criminal Activity – Offering of Auxiliary Services • Targeting of Highly Placed Members – Administrators – Reviewed Vendors – Other Key Criminals • October 2004: Takedown
Takedown Summary (Nov 2004) • Total Arrests: 28 – 21 Arrests in USA – 7 Foreign Arrests • Total Search Warrants Executed: 27 • More Than 100 Individual Computers Seized
Domestic Arrests (USA)
Foreign Targets/Arrests
Agenda • Investigation of a Major Database Theft • Investigation of a Secondary Market for Identity Information • Complications in Online Investigations • Conclusion
Simple Example SUBPOENA #1 Hotmail IP Address SUBPOENA #2 Subscriber info and computer location Cable ISP
Blocks in the Road • Record Retention • Open Wi. Fi networks • Foreign hosts
IP Address from Hotmail Wi. Fi CLIENTS Hotmail 192. 168. 0. 1 192. 168. 0. 2 Broadband Modem 192. 168. 0. 1 68. 42. 205. 94 192. 168. 0. 3 Subject’s House
Solution: § Use a Pen Trap order to get IP data § Start at physical location of the IP address § Follow the Wi. Fi signal to subject’s location
Agenda • Investigation of a Major Database Theft • Investigation of a Secondary Market for Identity Information • Complications in Online Investigations • Conclusion
Conclusion • ID Theft is a exploding problem • Federal investigators alone can’t handle the problem • There is a need for more training • President’s ID Theft Task Force Report (forthcoming)
Questions? Richard W. Downing Assistant Deputy Chief 202. 514. 1026 richard. downing@usdoj. gov
- Identity theft and assumption deterrence act
- Identity theft graph
- Wells fargo identity theft repair kit
- Identity theft prevention program
- Identity theft 101
- Identity theft
- Downing elementary school
- Walt downing
- Closed for the season mary downing hahn
- The shroud of turin
- Elise downing
- John thomas white lemon squeezer inventor
- Ieee transactions on aerospace and electronic systems
- Looking for richard stream
- Identity mapping activity
- Cookie jar theft picture
- Building a forensic workstation
- Scientific method of observation
- Guide to computer forensics and investigations
- Plagiarism is theft
- Statistical investigations examples
- Nc license and theft bureau offices
- Actus reus of theft
- Certified fraud examiner
- Child protective investigations pasco county
- Statistical average crossword
- Why aren t descriptive investigations repeatable
- Antenatal investigations
- Forensic science fundamentals and investigations chapter 6