[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

FBI on BBS operator liability (fwd)



also from

Computer underground Digest    Sun  Oct 3 1993   Volume 5 : Issue 77
                           ISSN  1004-042X

===cut=here===

Date: Thu, 30 Sep 1993 11:38:00 -0400 (EDT)
From: "Daniel P. Lieber - (617) 642-7697." <[email protected]>
Subject: File 4--Summary of BBLISA meeting (CuD 5.75)

         Account of BBLISA Meeting (posted in CuD #5.75)

     On Wed., Sept. 29, the BBLISA (Back Bay [Boston] Large
Installation Systems Administration Group) group had their monthly
meeting where they hosted both an FBI agent and a federal
prosecutor from the U.S. Attorney General's office.  Both speakers
were knowledgeable about the subject and tried to answer all of the
questions that they could. (I am omitting names as I am not sure of
the correct spelling or titles -- both were substitutes for the
original speakers.)

     After a brief welcoming by the leader of the group, the
prosecutor spoke extensively on the different types of intruders
into systems.  Her particular area of expertise in the field of
"computer crime" is with kiddie porn.  However, she was
knowledgeable on the major topic at hand -- intrusions.

     The most common and least threatening type of break-in artists
are the solo hackers and crackers (usually young males) who break
into systems for the thrill and to brag about their accomplishment.
Usually, they cause little or no damage and no crime is
prosecutable (just utilizing resources is not prosecutable).  By
far, the most serious threat is internal.  Disgruntled workers and
recently dismissed employees cause the most damage and are usually
motivated by revenge and want to inflict injury.  The third type of
intrusion, for-profit, is growing rapidly.  This includes bank and
ATM fraud, among other types of information theft.

     The FBI agent relayed stories about cases he has worked on and
the scope of the FBI office in Boston.  To be investigatable by the
FBI, a monetary or equivalent loss must be $100,000 or the loss
must be shared amongst many different parties.  He also informed us
that there are no agents that just cruise around BBSs looking for
crime.  The FBI is too busy to do that.

     From the information discussed at the meeting, there were some
conclusions and suggestions that were brought out:
  *  System banners informing all users that unauthorized access is
     prohibited and that privacy is limited are helpful.
  *  E-mail is usually considered private unless specifically
     stated otherwise.
  *  System administrators are not obligated to report illegal
     activities that they detect on their systems.
  *  Law enforcement does not like to confiscate systems and will
     usually get the information out of the machine without taking
     it.
  *  To be prosecuted for a crime utilizing a computer, the
     defendant must have prior knowledge of the criminal materials
     or intent.

     For more information on BBLISA, send a message to
[email protected] with the subject line: subscribe bblisa.  Next
month's meeting will discuss large-site Internet services.

                                             --Daniel Lieber,
                                               Systems Manager-
                                               _The Vanguard_
                                               at Bentley College