[Infowarrior] - UK: 'We need crime breathalysers for PCs'
Richard Forno
rforno at infowarrior.org
Mon Dec 15 13:45:19 UTC 2008
UK police: 'We need crime breathalysers for PCs'
By Nick Heath
Published: 11 December 2008 15:55 GMT
http://www.silicon.com/publicsector/0,3800010403,39363836,00.htm?r=2
UK police are hoping to one day develop a breathalyser-style tool for
computers that could instantly flag up illegal activity on any PC it's
attached to.
Detective superintendent Charlie McMurdie, architect of the UK's
Police Central E-crime Unit (PCeU), said frontline police ideally need
a digital forensic tool as easy to use as the breathalyser, to help
them deal with growing numbers of computers being seized during raids
on suspects' homes.
McMurdie said such a tool could run on suspects' machines, identify
illegal activity - such as credit card fraud or selling stolen goods
online - and retrieve relevant evidence.
She told silicon.com: "Do we need to seize five computers in a
suspect's house or could we use a simple tool to preview on site and
identify there's that one email we are looking for and we can then use
that and interview the person now, rather then waiting six to 12
months for the evidence to come back to us?
"For example, look at breathalysers - I am not a scientist, I could
not do a chemical test on somebody when they are arrested for drink
driving but I have a tool that tells me when to bring somebody in."
The eventual development of such a tool could help ease a backlog of
digital forensic work that has officers waiting up to a year for
evidence to be recovered from seized machines.
The tool is part of a package of measures envisaged by McMurdie as one
day coming out of the £7m PCeU, which from spring next year will co-
ordinate law enforcement of all online offences and lead national
investigations into the most serious e-crime cases.
McMurdie also discussed the possibility of setting up a "central
forensic server", where digital forensic experts from across the UK
could log in and analyse whatever systems were plugged into it.
She described how it could help tackle corporate e-crime, saying: "Say
one of the banks is attacked and we need to have a look at one of
their hard drives: that bank would have something that they can plug
their system in to and that connects to this central forensic server.
"Say there is a copper who is a forensic expert in Devon and Cornwall,
he could hook into the central server and deal with it from Devon and
Cornwall, rather than travelling up to London."
McMurdie said UK police have also been talking to the FBI and US
Computer Emergency Readiness Team units about their use of remote
searches of hard drives over the net.
PCeU leaders are also in talks with the Association of Chief Police
Officers about setting up regional centres for e-crime training.
More information about the Infowarrior
mailing list