Contents of the FBI.TXT file
Reprinted from a Computer Security Institute solicited section of
Datamation Magazine, September 15, 1989.
AN FBI PERSPECTIVE ON COMPUTER CRIME AND VIRUSES
With the evolution of technology, computer literacy and accessibility
have become commonplace in our society. The mass marketing and low price of
personal computers, the simplification of programming, and the accessibility
of pre-packaged software have been instrumental in integrating the computer
into everyday life. Those same advances, however, have also substantially
increased the threat of computer-related crimes.
Positioning the Problem--The FBI has found that computer crime is
often one of the most elusive types of crime to investigate. It has no
geograpic limitations, and the entire illegal transaction may take place in
less than one second. Computer crimes threaten the integrity and
reliability of sensitive computer systems. Despite a growing interest in
the problem, no consistently applied and universally accepted definition of
computer crime has yet been argeed upon by those concerned with law
enforcement. The FBI has found that many computer-related crimes are
essentially the same as traditional crimes, with the criminal using a
computer as an instrument of the offense, much like a forger's pen is used
to produce fraudulent documents. Other activities, however, such as the
unleashing of destructive viruses, are unique to computers. All have
the potential for causing great financial loss or denial of service in a
matter of seconds, and for causing destructive effects that may last for days,
weeks or even months.
Current criminal statues, by and large address the issue of computers
as the vehicle or instrument of the crime. As more sensitive information is
stored in computers, however, and as government and industry have become more
dependent upon the proper functioning of computers, we have seen and increase
in crimes in which the computer or computerized information is the target
of the crime. Computer viruses present one such example.
Computer Viruses--The FBI regards a computer virus as any computer
program which is not readily discernible to the user and which has
the capacity to infect other computer systems by recreating itself
unpredictable or causing some other specific action under perdetermined
circumstances. A virus is usually placed in a system by a person who has
authorized access, but can also be placed by a 'hacker.' Viruses can be
transmitted by infected software, through networks, or from remote locations.
With today's technology, viruses can originate in an office, academic
institution, or in a home personal computer almost anywhere in the world.
They may or may not cause damage, destruction or unauthorized
access. Computer viruses differ in their effects, depending on the intent
(and sometimes the competence) of the designer. They can range from
being nearly harmless to being devastating, causing complete shutdowns of
systems and the massive destruction of data. Cleaning up the aftermath could
cost more than the actual damage to the system.
Experts in the field have found that the motives of those who create
viruses include intellectual curiousity, desire for publlicity or notoriety,
deliberate denial of service, and industrial or other sabotage of computer
systems and data banks. Virus creators range from young students, who fail
to anticipate the consequences of creating and transmitting a virus, to
disgruntled employees and others who clearly intend to commit a malacious
act. Viruses are easy to create and propagate, require little expertise and
they may be nearly impossible to prevent or detect. Indeed, viruses are
frequently designed to prevent detection.
Viruses are often difficult to trace and are frequently not
discovered until it is too late to prevent the intended harm. Investigation
may be complicated by the many permutations viruses can undergo and by the
widespread geographic areas involved. In addition, the owners of
the affected systems are sometimes more concerned with repairing the damage
than with prosecuting the offender. And, because a particular virus may cause
only a small amount of damage to may differnet users, no single
user may consider the event significant enough to report.
FBI Activities--The FBI's investigations of computer-related crimes
generally have been successful, but our investigative experience with
actual computer viruses has been limited. To date, the FBI has conducted
criminal investigations of viruses on only two occasions. One recent example
was the FBI's investigation of a young computer hacker who went by the
alias "Shadow Hawk." This 18-year-old successfully entered computers owned
and operated by AT&T and the United States Government. He was able to copy
over one million dollars worth of proprietary software, causing substantial
damage in the process. He was prosecuted under the Computer Fraud and
Abuse Act and was sentenced in February 1989.
The FBI strives to aquire and maintain the ncessary expertise to
address computer crime effectively. We currently employ personnel with
advanced degrees in engineering and computer sciences, as well as the hundreds
of computer-literate investigators, plus the technical personnel to assist
them. We also have access to the most advanced expertise in other government
agencies, private-sector computer firms, and educational institutions. Our
strategy is to employ a team approach to virus and other computer crime
investigations, coordinating our efforts with the experts from various
In order to remain responsive to the increasing threat of computer-
related crimes, the FBI Academy in Quantico, Virginia has offered spcialized
training in the investigation of those types of crimes since 1976. In
addition, FBI personell at Quantico are inthe forefront of research efforts
on computer security, the nature and impact of viruses, and other related
matters. They are even developing behavioral profiles of computer hackers.
The Need for Positive Action--Beyond the scope of law enforcement,
however, the security of computer systems ultimately rests with the designers
of the hardware, the authors of software, and the owners of the computers.
One major step that users can take to reduce their vulnerability to computer
viruses is to verify the authenticity and integrity of software before using
it. Successful prosecutors also may have a deterrent effect. But, ultimately,
security enhancements will be required to curb the sprialing increase in
A balance must be achieved between the benefits derived from
educational experimentation or the flow of free information, and the need
to prevent criminal activity which has the potential for millions of
dollars in damage. Once the balance tips to criminal activity, however,
the FBI will virgorously pursue those who violate Federal Law, whether through
the creation and introduction of viruses into computer systems, or through
[Transcriber's note. Why does this guy sound like a politician,
police officer and computer system manager combined? It's scarey--especially
when he mentions the phrase 'hacker profiles' in the text!...
...Blank is Beautiful..]