Mounties don't always get their cyberman: e-crime expert

[William Knowles <wk () C4I ORG>]

http://www.nationalpost.com/financialpost.asp?f=000607/309848

Peter Kuitenbrouwer
Financial Post

The Royal Canadian Mounted Police has neither the skills nor the
resources it needs to fight Canada's growing problem with cybercrime,
according to a computer forensics specialist who quit the force's
commercial crime section in Vancouver.

"Let's face it, the government has good intentions, but they can't
move at the speed of the Internet," said Rene Hamel, 38. "For me it's
not a good enough reason to stay behind."

During his years with the technological crime section, Mr. Hamel's
worked ranged from tracking online thieves to searching computers in
the offices of Glen Clark, the former premier of British Columbia. But
he said he got sick of pleading for resources that never came. A month
ago, Mr. Hamel took a new job with accounting giant KPMG in Toronto,
where he is setting up a lab to investigate electronic fraud.

In Ottawa, Staff-Sgt. Andre Guertin of the RCMP agreed that years of
underfunding have left the Mounties scrambling to catch up with the
high-tech crooks.

"We're just coming off a number of years where we had deep cuts,"
Staff-Sgt. Guertin said. But he added that of the $543-million in new
funds for the force approved in this year's federal budget, a chunk
will go toward combating online crime.

"We expect to turn out 1,200 to 1,300 new Mounties this year," he
said.

Inspector Ernie Malone, in charge of the RCMP commercial crime sector
in Vancouver, said Mr. Hamel is only one of many officers lured to the
private sector.

"We are losing a good number of very senior people with expertise," he
said. "There's a tremendous demand for it in the high-tech sector.
[But] there's plenty of work to do in our area and the resources are
coming."

Mr. Hamel had always wanted to be a cop. His father spent 33 years
with the city police in Victoriaville, Que. Mr. Hamel joined the RCMP
and paid his dues in British Columbia, working undercover on
Vancouver's seedy East Hastings Street and in the New Hazelton
detachment, northeast of Prince Rupert.

He spent his own money upgrading his computer skills with
long-distance learning courses and then joined the technological
sector of the commercial crimes unit in Surrey, B.C. He says he
enjoyed the work, but didn't get the support he needed from the force.

"I went to a course on computer forensics in Texas on my own money,"
he recalled. "I brought back some software, and when the RCMP realized
it would save them some money, they decided to pay for my trip."

So, just 4 1/2 years away from his pension -- which the RCMP pays on
completion of 20 years of service -- he quit.

These days, he works on the 33rd floor of Commerce Court West in
Toronto and, apart from getting lost in Toronto's labyrinth of
underground tunnels, is adapting quite well. His office is a jumble of
computers with the cases removed and stacks of hard drives seized
during investigations, each wrapped in an anti-static silver plastic
bag.

Key to the work Mr. Hamel does with his partner, Scott Loveland, is
software that allows them to read deleted files that may still exist
in the "slack space" on computer hard drives.

"Sometimes your computer will store deleted files in corners of your
hard drive that your system forgets about," he explains. "People don't
realize how much of their information is stored on their hard drive
and they don't know about it."

In one case, a software company in Western Canada hired KPMG to
investigate suspicions that a group of departed employees had stolen
proprietary programs.

"We went to four residences and took their computers and diskettes,
CDs, Zip Drives, Jazz drives and 35 or 40 hard drives," Mr. Loveland
recalled.

The team found deleted material on the hard drive proving that
programs had been stolen and, sifting through deleted e-mails, "we
also figured out that somebody inside the company was still
co-operating with the guys who left," Mr. Loveland said.

In another case where a company suspected an employee of disloyalty,
Mr. Hamel went into an office at night and made a copy of the
staffer's computer hard drive. "The person was building another
business while using the company's resources," Mr. Hamel said. "I
found information in the slack space on his hard drive."

Yesterday, KPMG released a survey that showed many big Canadian firms
are not concerned with the threat of electronic fraud. In fact, the
response rate -- just 180 out of Canada's top 1,000 companies filled
in the survey -- was the lowest in the nine years KPMG has tracked
corporate fraud.

Norm Inkster, president of KPMG's fraud branch and former commissioner
of the RCMP, said the survey shows Canadian firms are complacent when
it comes to e-commerce fraud.

"We're going to have to do more to protect ourselves," Mr. Inkster
said.


*-------------------------------------------------*
"Communications without intelligence is noise;
Intelligence without communications is irrelevant."
Gen. Alfred. M. Gray, USMC
---------------------------------------------------
C4I Secure Solutions             http://www.c4i.org
*-------------------------------------------------*

ISN is sponsored by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".