Virginia cop pounds the AOL beat

[William Knowles <wk () C4I ORG>]

http://www.msnbc.com/news/451950.asp

By Maria Glod
THE WASHINGTON POST

LEESBURG, Va., Aug. 28 Ron Horak joined the Loudoun County sheriffs
office nearly 25 years ago, working as a guard in the county jail. He
later patrolled the countryside when there were only four deputies on
duty at a time. He chased burglars and vandals until he was blurry
eyed.

HE FIGURED HE would spend his entire career patrolling this
still-rural county where violent crime is rare and smashed mailboxes
make the news.

Then America Online moved in.

Now, Horak still wearing his trademark cowboy boots is on the ground
floor of some of the nations most high-profile criminal
investigations: horrific rapes, murders, bombings. From his quiet
Leesburg office, he has one of the most far-reaching views into the
seedy side of cyberspace.

Every time I think Ive seen it all, I see something else, Horak, 52,
said. My grandchildren hear the war stories. They hear the horror
stories.

Horak is Loudouns AOL detective. Thats all he does. Nationwide
requests for information from AOL come so frequently that the sheriffs
office has had to devote all of Horaks energies to dealing with the
applications.

The gatekeeper for police seeking clues in the online missives of AOLs
23 million subscribers, Horak has worked with police from all 50
states. It is his full-time job to handle the warrants needed to peer
into the online chatter of bobcat8me or honeycupid or satangirl. Hes
averaging more than one a day.

With more than 46.5 million households nationwide with Internet
access, online conversations and images can hold a wealth of evidence
for police investigating such crimes as fraud, arson and identity
theft. AOL the nations largest Internet service provider moved to the
county in 1996. As the main law enforcement agents in the county,
Loudoun sheriffs officials knew the law required that most requests
for AOL account information be funneled through their office. But they
never dreamed there would be so many.

WARRANTS BACK TO 1996

At the countys red brick courthouse, clerks record each new warrant in
a black-and-gold leather-bound ledger with entries dating back to
1975. The first AOL search warrant was filed in Loudoun in 1996. The
next year there were 33 AOL warrants.

After that, the requests skyrocketed.

In 1998, Loudoun magistrates signed off on 152 Internet searches as
police from New York to Texas peered into the accounts of users
including sexylilwildcat and lonelywife69 looking for the identities
of criminals or motives. Last year, there were 299 AOL searches. This
year, there already are 245.

We didnt realize the magnitude of this when we started, said Loudoun
Sheriffs Maj. John Patton. We didnt realize how much it would grow.

Bill Taylor, president of the Oregon-based International Association
of Computer Investigative Specialists, said Loudoun shouldnt expect
the requests to level off soon. Groups like his are training
front-line officers nationwide to consider the potential for computer
evidence in every case.

Its becoming more and more common for street cops on the front line to
think to preserve a computer just like they do fingerprints or blood
stains, Taylor said.

Patton said the work load already has put a strain on his department,
with a key detective processing warrants full time, but officials know
Horaks job is critical to prosecutions across the country.

New Jersey investigators called on Loudoun to help with an AOL search
when they were investigating the 1997 death of Edward Werner, an
11-year-old who was strangled by a 15-year-old neighbor. The neighbor,
Sam Manzie, an avid Internet user, had himself been molested by
someone he met online. And Pennsylvania police recently pursued the
accounts associated with Richard Baumhammers, a 34-year-old man
charged with killing five people during an allegedly racially
motivated shooting spree.

Just this month, Arlington police peered into the online world of
David Butler, an editor at Stars and Stripes who was found beaten to
death in a used-car lot, hoping to find information that would help
find his killer. Butler had been an AOL subscriber.

Mark Marshall, a detective with the Worthington, Ohio, police
department, said Horak helped him put a child predator behind bars. It
was 1998 when Marshall got a tip that Mark W. Maxwell had tried to
lure a 13-year-old girl he met online to a hotel.

Marshall called Horak, who helped prepare a search warrant and
delivered it to the magistrate. Included in the records Horak sent
back were pornographic images and the names of hundreds of people
Maxwell chatted with online.

It made our case, Marshall said. Here was an agency who didnt know us.
. . . [But] he hand-delivered the warrant. He got us the information.
He said if you need me call. You cant ask for better than that.

REQUESTS JUST PILED UP

Horak said he fell into his job by chance. He began processing the
warrants in 1998 when the departments computer expert went away for a
two-week class and one or two requests filtered in. But each week
there were more.

Still, the frequency hasnt numbed Horak to the content. Children who
threaten teachers. Men luring young girls for sexual encounters.
Someone sending e-mail using the names of the town mayor and police
chief.

The brazenness of people never ceases to amaze you, Horak said. They
are just so bold.

Each warrant begins with a phone call. He has taught seminars in Santa
Fe, N.M., Ocean City, Md., and Virginia Beach. Sometimes officers call
and say they heard about him from friends in other agencies.

Detectives will call and say, I dont have a clue where to start, Horak
said. I know Im in trouble if they say I had to get my grandson to
turn on the computer for me.

Horak faxes the detectives a how-to letter describing the warrant
procedure, and they send back an affidavit explaining why they need
the information. But Horak also must know enough details of each case
to justify the need for the search when he goes to the magistrate.

To obtain an AOL search, Horak must prove to the magistrate that there
is probable cause to look into an account. That means showing that
theres a 51 percent chance that a crime was committed and that this
evidence would aid the investigation, said Loudoun County Deputy
Commonwealths Attorney Owen D. Basham. Its the same standard as if you
were searching someones house or car. And it doesnt mean that [the
person whose account is searched] is the one who did something wrong.

Said Horak: If they just want a look-see, I reject it outright. Big
Brother does not do that. If you have broken the law and used AOL to
do it, you have reason to worry.

AOL spokesman Rich DAmato said the company, to protect its
subscribers, requires a legal order by a judge or magistrate. We work
with law enforcement to get them the information as quickly as
possible, he said, adding that AOL also has one person devoted to
processing such requests.

Several times a week, Horak shuttles that paperwork from the county
magistrates office in Leesburg always stepping aside when other
officers come in to secure arrest warrants to AOLs Dulles campus then
back to the courthouse. Once he retrieves the information, he sends it
to the detectives in the requesting jurisdiction.

Horak used to keep a map on his office wall with pushpins marking each
agency he helped. Pretty soon it was all pins and no map. He now has
another office and a map without pins.

I dont think we truly envisioned years ago it would get this big this
soon, Horak said. Its good to be able to reach out and help people
prosecute.


*==============================================================*
"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
================================================================
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".