Lessons Learned from Trident Breach

By John Wagley

The use of social networking sites, like Facebook and Twitter, by law enforcement is also especially valuable when information from the sites is combined with information from databases available only to law enforcement, according to Gary Warner, director of research in computer forensics at the University of Alabama at Birmingham and a contributor to Trident Breach and many other investigations.

“You might take 10 friends [of a suspect] and ask which of them have criminal records,” Warner later told Security Management. When tools can be used with both social media sites and law enforcement databases, “their value increases astronomically.”

There are limits to the use of social media to track suspects, a few panelists noted. When suspects use their privacy settings, it becomes extremely difficult to use scanning tools or to gain much other useful information, said Warner. But he added that this doesn’t happen often. “The good news is that criminals, just like most other social networking users, leave themselves open in terms of privacy settings.” In certain cases (such as in Trident Breach), law enforcement can also gain a warrant to bypass such settings.

With regard to international cooperation, panelists noted that the FBI has placed legal attachés in U.S. Embassies in Ukraine, Romania, Estonia, and The Netherlands. In the past year, the United States has participated in five or six major investigations with Ukrainian authorities.

With successes, such as Trident Breach, subsequent investigations have proceeded “more smoothly,” he said. Panelists also attributed the success of the operation to strong cooperation with the private sector, including with certain financial institutions that were able to spot suspicious transactions and accounts.

A few panelists also cited people’s ongoing vulnerability to phishing attacks, in which victims are tricked into downloading malware by clicking on an attachment or link in an e-mail message. Law enforcement may be making some headway in fighting cybercrime, but “if you click too quickly, you’re had,” said panel moderator Paul Joyal, a managing director in the public safety and homeland security practice at the consulting firm National Strategies.



The Magazine — Past Issues


Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.