|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: Cracked; rootkit - entrapment question?
From: Bob (bob
CAVU.COM)Date: Wed Mar 15 2000 - 11:21:04 CST
- Next message: David Meissner: "Odd UPD scan"
- Previous message: Hal Lockhart: "Re: Cracked; rootkit - entrapment question?"
- Next in thread: Robert G. Ferrell: "Re: Cracked; rootkit - entrapment question?"
- Maybe reply: Bob: "Re: Cracked; rootkit - entrapment question?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Seth Georgion <sysadminsassproductions.com> wrote:
> I keep reading various news articles that indicate that federal law
> currently states that the FBI is not allowed to investigate if they believe
> that the damage is under 5,000 dollars per computer and if they find out,
...
The $5000 limit is on the recently enacted computer crime law. However,
there is no lower limit on computers used in interstate commerce, banking,
those owned by the federal government, or used in a crime that the FBI
otherwise has jurisdiction over.
The interpretation by the FBI's Atlanta office is that if the compromised
computer does something as trivial as surf the web site of a computer in
another state or someone occasionally dials into the computer from another
state that that qualifies as interstate commerce. Thus essentially every
computer on the Internet is under the FBI's jurisdiction.
> By the way our company investigated pursuing damages once, just for kicks,
> and our legal representatives informed us that damage can only be calculated
> as loss of critical business and whatever the dollar amount per hour of the
> employees involved amounts to. This would only include time spent fixing it
> not time BSing and investigating and stopping work just because you'd like
> to verify that all 24,000 company computers weren't subject to attack.
...
Despite "tough talk" by Reno and Clinton the FBI's computer crime departments
are very underfunded and so they can investigate only the most serious
cases. While the Atlanta office will not state what their formula is,
I suspect $5000-$10,000 would be in the "ballpark", though I've seen them
investigate smaller cases. They encourage the reporting of all cases to
them.
Law enforcement and the courts use different classes of financial loss.
Outright theft of money, goods, and services is the most serious and is
a crime in its own right. Demonstratable loss of business is less severe.
Personnel losing productivity and having to spend time correcting the
problem is considered least severe, particularly the time of salaried
people. Frequently this cost will not be considered.
Do keep in mind that many states have developed expertise in fighting
computer crime. Georgia, Virginia, and New York are three.
Bob Toxen
http://www.cavu.com
Fly-By-Day Consulting, Inc.
- Next message: David Meissner: "Odd UPD scan"
- Previous message: Hal Lockhart: "Re: Cracked; rootkit - entrapment question?"
- Next in thread: Robert G. Ferrell: "Re: Cracked; rootkit - entrapment question?"
- Maybe reply: Bob: "Re: Cracked; rootkit - entrapment question?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]