[Infowarrior] - UK: 'We need crime breathalysers for PCs'

Richard Forno rforno at infowarrior.org
Mon Dec 15 13:45:19 UTC 2008 

UK police: 'We need crime breathalysers for PCs'

By Nick Heath

Published: 11 December 2008 15:55 GMT

http://www.silicon.com/publicsector/0,3800010403,39363836,00.htm?r=2

UK police are hoping to one day develop a breathalyser-style tool for  
computers that could instantly flag up illegal activity on any PC it's  
attached to.

Detective superintendent Charlie McMurdie, architect of the UK's  
Police Central E-crime Unit (PCeU), said frontline police ideally need  
a digital forensic tool as easy to use as the breathalyser, to help  
them deal with growing numbers of computers being seized during raids  
on suspects' homes.

McMurdie said such a tool could run on suspects' machines, identify  
illegal activity - such as credit card fraud or selling stolen goods  
online - and retrieve relevant evidence.

She told silicon.com: "Do we need to seize five computers in a  
suspect's house or could we use a simple tool to preview on site and  
identify there's that one email we are looking for and we can then use  
that and interview the person now, rather then waiting six to 12  
months for the evidence to come back to us?

"For example, look at breathalysers - I am not a scientist, I could  
not do a chemical test on somebody when they are arrested for drink  
driving but I have a tool that tells me when to bring somebody in."

The eventual development of such a tool could help ease a backlog of  
digital forensic work that has officers waiting up to a year for  
evidence to be recovered from seized machines.

The tool is part of a package of measures envisaged by McMurdie as one  
day coming out of the £7m PCeU, which from spring next year will co- 
ordinate law enforcement of all online offences and lead national  
investigations into the most serious e-crime cases.

McMurdie also discussed the possibility of setting up a "central  
forensic server", where digital forensic experts from across the UK  
could log in and analyse whatever systems were plugged into it.

She described how it could help tackle corporate e-crime, saying: "Say  
one of the banks is attacked and we need to have a look at one of  
their hard drives: that bank would have something that they can plug  
their system in to and that connects to this central forensic server.

"Say there is a copper who is a forensic expert in Devon and Cornwall,  
he could hook into the central server and deal with it from Devon and  
Cornwall, rather than travelling up to London."

McMurdie said UK police have also been talking to the FBI and US  
Computer Emergency Readiness Team units about their use of remote  
searches of hard drives over the net.

PCeU leaders are also in talks with the Association of Chief Police  
Officers about setting up regional centres for e-crime training.

More information about the Infowarrior mailing list