Security Incidents mailing list archives

Re: Who's liable? - fbi

From: Alvin Oga <alvin.sec () Mail Linux-Consulting com>
Date: Sat, 13 Oct 2001 15:59:52 -0700 (PDT)


hi ya

out here ( san jose area ) ... the agencies out here are
fairly lenient and good about investigating computer crimes...

they ( fbi )  get involved when "it" becomes a felony across
interstate lines or gov't property... ( think a felony is anything that
was $10,000 or more in damages ... forgot .. "a small amount"

think they did confiscate some smurf attacker's PCs..
( can't get confirmation etc...since it was under investigation at the time
- told um the sites that maintains potential smurf amplifiers sites etc
        
- took a month or so of "watching the smurfing going on" ....but dont
  think the smurf'ers been back since

have fun linuxing/securing..
alvin


On Sat, 13 Oct 2001, Jay D. Dyson wrote:

-----BEGIN PGP SIGNED MESSAGE-----

On Sat, 13 Oct 2001, Michael F. Bell wrote:

Lets say you are a small realty agency, and you provide internet access
to your employees and one of your employees hacks into the Whitehouse
website from your internal network.

<snip>

Who is liable??  What can the FBI do at this point?


      No liability is identified at the time.  But I guarantee you that
the FBI will confiscate all machines on site and send them off for
forensics evidence gathering.  Don't bother objecting that it will cause
your business undue hardship.  LEAs don't care.  Period.

...

      Depends on the damages.  If they reach a certain amount, the FBI
will be called in and we're back to situation one as described in the
earlier part of my reply.  If the damages are minimal and don't warrant
FBI involvement, then eBay will simply absorb the loss, (hopefully) make
appropriate updates to their security policies, practices and procedures,
and mush on.

      In the final analysis, any system that can't do even basic
auditing and accountability on their networks will -- at the very least --
wind up on many an admin's firewall blacklist.  I've been doing as much
with abuse-friendly networks since the '90s.  At most, the FBI will be
called in and will (in the name of the law) rip that network's systems
down to the wires.



----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Current thread:

Who's liable? Michael F. Bell (Oct 13)
- Re: Who's liable? hvdkooij (Oct 13)
  - Re: Who's liable? macdaddy (Oct 14)
    - RE: Who's liable? Dom Genzano (Oct 14)
    - Re: Who's liable? Kelly Martin (Oct 14)
- Re: Who's liable? Jay D. Dyson (Oct 13)
  - Re: Who's liable? - fbi Alvin Oga (Oct 13)
- Re: Who's liable? Alvin Oga (Oct 13)
- RE: Who's liable? Chris Mason (Oct 13)
- RE: Who's liable? Liam Burrow (Oct 13)
- RE: Who's liable? Russell Berry (Oct 13)
  - RE: Who's liable? Brian Taylor (Oct 14)
- Re: Who's liable? Frank (Oct 14)
- RE: Who's liable? Michael Conlen (Oct 14)
- <Possible follow-ups>
- RE: Who's liable? Rob Keown (Oct 13)
  - Re: Who's liable? Kelly Martin (Oct 13)
    - Re: Who's liable? Doug Foster (Oct 14)

(Thread continues...)