interested in joining corrections.com authors network, email us for more information.

Archive

Author Archive

Is Flash Justice the Solution to Flash Riots?

September 15th, 2011

This summer has seen a perverted twist on a phenomenon that started in 2003, specifically flash mobs. Initially flash mobs were organized, usually via social media, for entertainment, fun, even social protests. However, this summer we saw flash mobs being organized for crime. We had the riots in the United Kingdom and numerous mass shoplifting and robberies occurring in the United States. These acts were all apparently coordinated via social media. Who knows if this will be a new trend or if it will fizzle out.

One thing that concerns me is a terrorist creating a flash mob to either maximize the casualties and/or reduce the response time of law enforcement and other first responders. I could also imagine a “lone wolf” terrorist doing the same thing. We may also see “smarter” offenders using a flash mob to divert attention for a much more serious criminal act. Imagine being able to manipulate a mob to commit a crime. For now we are dealing with those who thought it was okay to participate in a mass free for all of criminality. 

Thanks to technology many of these “Einsteins” were video taped in the act. Many have been arrested. I can hear the arguments being made by some offenders who were caught. I just went to a location to see what was going to happen. All I took was a candy bar. I never intended to do anything criminal. There will be a lot of rationalization and minimization going on for sure. The task for the person making the sentencing recommendations is going to be to cut through all this stuff. But how?

The United Kingdom apparently is adopting decades old rules for dealing with these recent rioters.  They have three principles which are being used to guide sentencing decisions. The first principle is that apprehended offenders can’t’ argue that they shouldn’t be punished because others who were equally to blame didn’t get caught. The second principle is anyone who is involved in a major mass criminal act can’t expect to have their actions considered separately from those others involved. Basically, no matter how minor their role was in the event they are just as responsible for the results of the larger disorder in which the police were overwhelmed by strength of numbers. Finally, the last principle is the offender’s previous good character has less mitigation effect when they are involved in a large scale criminal act, such as  riot. It is kind of interesting that they are using principles that were developed well before social networking or even the Internet was created.

I am not saying that is a bad way of dealing with riots. But the effect is starting to be felt in the prisons and jails.  There are reports that in England and Wales jail populations are increasing by 100 a day, which is being attributed in part to justice dispensed to the rioters. You see in a “wired” society, with cameras every where no one gets away for long. Forty years ago, when their legal principles were adopted, you have only a few offenders getting caught. Now with cameras recording everything you have a larger percentage of the mob being arrested. Not to mention the truly brain dead rioters posting pictures of themselves on the Facebook profiles doing criminal acts. Maybe the hard line though will put an end to the flash riots. 

What about in the United States?   In the states we pride ourselves on individualized justice. What do we do with 75 offenders who meet via a social media to shoplift $700 from a local store? Maybe we treat them all equal and throw the book at them. Maybe there is another way though. Why not focus on the ring leaders, you know those who arranged the acts. Come down hard on these who posted and spread the word to do start a crime wave.  Anyone caught committing violence, as opposed to stealing a candy bar or six back of beer goes to the front of the prison bus.

 Law enforcement are going to have to get up to speed and fast.  Some law enforcement are already monitoring social media.  Additionally, after the fact they are also going to have to be prepared to investigate who arranged the event, i.e, got the discussion going via the social media. Sure those video cameras and posts on offender’s social networking profiles are great but they are just pieces of the investigative pie. Obviously, these investigations are going to depend upon the amount of loss, damage, and/or harm inflicted. 

For those in corrections, particularly those involved in sentencing recommendations, maybe it is time to take a breath. Look at the loss, the damage and harm and the role the offender played in the crime. Also look to how cooperative they were with the police in helping in the investigation and/or if they accepted responsibility for their crime.  Finally, what does their prior record look like. 

I truly hope this is just a stupid fad, like the “streakers” of my day.  (Yeah, thirty years ago folks sometimes chose to run naked through the streets as opposed to burning everything down.)  Maybe the UK has got it right. But then again, it will not take too many social media shoplifting events to quickly overwhelm correctional resources. After all in today’s fiscal environment can we throw everyone in jail?  Is flash justice the solution to flash riots? Only time will tell.  On that thought my cigar needs a light. Be safe out there.

Uncategorized

The Problem Of Accessing Cybersex Risk

August 18th, 2011

Those employed in community corrections are constantly working to identify high risk cases and to focus supervision efforts on those cases. This is one of the principles of evidence based practices in community corrections.  The general public considers high risk cases as those involving sex offenders. However, not all sex offender cases represent the same high risk or dare I say even a greater risk than other offender cases. But what about sex offenders in which the Internet is involved, so called “Internet sex crimes”? Who are they and what kind of risk do they represent?

Some folks think an Internet sex crime is the adult caught on Dateline’s show,  “Catch a Predator”, trying to hook up with a kid, but get Chris Hanson and the police instead. For some it is the adult or young adult sending, soliciting, and or receiving illicit images or text from young teenagers or children, otherwise known as “sexting.” Still others are thinking of the guy downloading or trading child porn with other offenders. There are also those offenders who use the Internet to locate, lure, and rape both children and/or adults. So who is right? Which of these is an Internet Sex Crime? Well they all can be. That is exactly part of the problem. We often are talking about different offenses. We end up painting these broad risk assessments based upon a “sex crime” and the “Internet” and we get mixed results. Some folks feel is it is all illegal digital make believe and it is not a big deal. At the other extreme are folks that think everyone is a cyber-Hannibal Lecter.

Well lets try to refine the definitions and put some numbers to the categories to see if we can focus in on the risk. Wolak, Mitchell and Finkelhor (2003) describe a review of 2,577 arrests for Internet sex crimes against minors for a 12 month period starting July 1, 2000. They were able to identify three mutually exclusive types. Specifically,

  1. Internet crimes against an identified victim, which included sexual assaults and production of child pornography, which made up 39% of all arrests;
  2. Internet Solicitations to Undercover Law Enforcement posting as an adult with no identified victim, 25% of all arrests; and
  3. Possession, distribution, or trading of child pornography via the Internet, with no actual assault or solicitation of an undercover agent, 36% of all arrests.

They were able to further refine the first category where a real victim was involved. They found that 20% of all arrests involved cases where the offender used the Internet to initiate a relationship with the minor victim and 19% of all arrests were cases in which the offender was a family member or prior acquaintance of the minor. Wow…20% of all cases involved a real kid victim, who was unknown to the offender previously. As I recalled there was something about “stranger danger” risks, I decided to do some digging and look at risk assessment tools on this issue.

One of the most used sex offender risk assessment tools is the Static-1999, which has been updated to the Static-2002 (Static-2002-R). One caveat here. I am not trained in these instruments or certified to administer them. That said, I am aware that these assessment tools look at stranger and unrelated victims  as factors used in assessing risk.  As I have been reading for a number of years and think I have a handle on that skill, I took a brief look at the Coding Rules for Static-2002. There are some interesting rules on stranger victims as they relate to the Internet. Specifically, “A victim is considered a stranger if either the victim did not know the offender at least 24 hours before the initial offence and/or the offender did not know the victim for at least 24 hours before the initial offence. Victims contacted over the Internet are not normally considered strangers unless a meeting was planned for a time less than 24 hours after initial communication.” 

The whole purpose of giving points on this is that individuals whose victims are strangers have a greater risk. I suppose that offenders who target strangers do so because they might think they are less likely to get caught, as in it might be harder to identify them. But doesn’t attempting to reach a minor geographically located far from where an offender can be identified and who is unknown by the minor’s parents/guardians seem to fit that rationale? What about cases where the offender lies to the victim about who they are and the victim has no idea who they really are?  I mean there are cases where the offender portrays themselves as someone else online to lure the minor in and to get them to trust them.  How does this 24 hour rule play out if the offender is providing false information to the minor online? What if that offender brings weapons or tools to dispose of a body to the planned meeting?  Again, I am no way an expert in this but how are those intentions captured in these risk assessment?

Ironically, if an offender targets a male victim during an Internet sting case and it really is a cop, they get a point for a “male victim.”  (Any male victims is one of those scoring factors for risk). The reason is the offender “intended” to go after a male victim. Well doesn’t an offender who goes online to hook up with a minor in another state intend to meet a “stranger”?

Okay, let me take this risk assessment and Internet sex offenses in another direction. Specifically, Seto, Hanson, and Babchishin (2011) recently published an article reflecting their review of numerous studies. They found:

  1. Approximately 1 in 8 online sex offenders (12%) have an officially known contact sexual offense history at the time of their offense;
  2. Approximately one in two (55%) online offenders admitted to a contact sexual offense in the six studies that had self-report data ; and
  3. 4.6% of online offenders committed a new sexual offense of some kind during a 1.5- to 6-year follow-up . (2.0% committed a contact sexual offense and 3.4% committed a new child pornography offense.)

They concluded that …” that there may be a distinct subgroup of online-only offenders who pose relatively low risk of committing contact sexual offenses in the future.” (p. 125).  Did anyone notice they used the term online sex offender? Who are they talking about? Well, they provide the following explanation:

…online offenders and online offending to refer to sexual crimes that involve the use of Internet and related technologies. This would include possession or distribution of child pornography via the Internet, possession or distribution of other illegal pornography content, and use of the Internet to solicit minors for sexual purposes.”

They go on to note that most of the research is focused on child pornography offenders. This is kind of interesting considering the numbers of Internet sting arrests and those involving real victims of abuse noted earlier. Additionally, they specifically consider offenses where the Internet is merely used as a communication tool and is not central to the offense as “offline offending.” They cite as an example an uncle who uses e-mail to communicate with his victim niece. They conclude by noting:

The low recidivism rates of online offenders may be used by some readers to minimize the seriousness of the online crimes committed. We believe this would be a mistake. Child pornography is a serious crime because it contributes to the sexual exploitation of children by creating demand for content, it offends community standards and values, and it is viewed by many members of the public as a serious crime. It would also be a mistake to fail to differentiate online offenders by the risk they pose. Although the research on risk factors is limited, we believe that the risk factors for online offenders are likely to be the same risk factors found for offline offenders (i.e., sexual deviancy, antisocial orientation, and intimacy deficits). Until research suggests otherwise, we recommend that valid measures of these risk factors should be used by the police, courts, correctional systems, and clinicians to prioritize interventions for individuals involved in online sexual offenses.” (p. 140)

I think that their study is intriguing, particularly as it points to evidence of a lower risk for some NOT all online sex offenders. But more importantly, I also think it is a rally call for more study of cases involving Internet sex crimes beyond just child pornography. We now are seeing cases where sex offenders are using social networking sites to meet adult victims.  I wrote about this in The Perfect Storm: Cyberspace Criminality. We also are seeing a lot of sexting cases talked about in the media.  Are they really different than the Internet luring cases we have dealt with in the past? What I would really like to see is a tool that fully incorporates Internet/computer behavior in the process of risk assessment. Brake and Tanner (2007) have developed a two factor risk grid that may be of help in determining the appropriate monitoring level for sex offenders. This grid incorporates the offender’s Internet behavior history and their overall risk of acting out as based upon various sex assessment tool, one of which is the Static-99.  Their article is called Determining the Need for Internet Monitoring of Sex Offenders.  We need more work like theirs.

I might add someone better hurry up on this research. States are now being subject to law suits for passing Internet restrictions. Lousiana is now being sued by the ACLU over its recent enacted sex offender restrictions on social networking sites. There is also a conference this week to discuss removing pedophilia from the American Psychiatric Association’s the Diagnostic and Statistical Manual of Mental Disorders (DSM). Wow… so someone who abuses a child might not be considered having a mental health concern or “mad.”  I guess that just leaves the option that they are just “bad”… we know where bad folks go.  What does all this mean for the community corrections officers out there trying to supervise these cases?  Follow Seto, Hanson, and Babchishin advice about using current measures of risk for these cases. I would couple that advice with becoming knowledgeable about how offending and Internet behavior intersect.  For now I have to look for my cigar. Be safe out there!

Sources

Brake, S. and Tanner, Jim, Determining the Need for Internet Monitoring of Sex Offenders. Retrieved from http://www.kbsolutions.com/MonitoringNeed.pdf

CNN News, ACLU Seeks to Block New Louisiana Sex Offender Law. Retrieved from http://www.cnn.com/2011/CRIME/08/16/louisiana.sex.offender.law

Implementing Evidence-Based Practice in Community Correcitons: The Principles of Effective Internvention, Retrieved from http://nicic.gov/Library/019342

Pnenix, A.; Doren, D.; Helmus, L.; Hanson, K. and Thornton D. Coding Rules for Static-2002. Retreived from http://www.static99.org/pdfdocs/static2002codingrules.pdf

Rossomando, J. (2011, August 15) “Conference Aims to Normalize Pedophilia”, The Daily Caller
Retrieved from http://dailycaller.com/2011/08/15/conference-aims-to-normalize-pedophilia/#ixzz1VObj3Vmo

Seto, M; Hanson, K. and Babchishin, K. (2010) “Contact Sexual Offending by Men With Online Sexual Offenses”  Sex Abuse 23: 124-145

Wolak, J.; Mitchell, K.; and Finkelhor, D. (2003) Internet Sex Crimes Against Minors: The Response of Law Enforcement, Crimes against Children Research Center, University of New Hampshire. Retreived from http://www.missingkids.com/en_US/publications/NC132.pdf

 

 

Supervision

States Limit Social Networking Use: Good or Bad?

August 11th, 2011

On almost a daily basis there are media reports about sex offenders being caught online, either trying to pick up a “minor” or viewing child porn. They are also stories about a supervised sex offenders going to a social networking site and getting arrested for failure to maintain their registration. The intersection between sex offending and the Internet seems no longer to be merely a crossroad in the public’s mind but a five lane expressway of deviant behavior. As a result, legislatures appear to be taking a “shotgun” approach to the issue of sex offenders and the Internet. Consider the following:

  • The Massachusetts legislature is contemplating a bill to make registered sex offender’s email addresses and online Identifiers available to the public at large.
  • In June, Louisiana passed a law prohibiting offenders convicted of certain sex offenses against a minor from using social networking sites, although probation and parole officers and judges can make exceptions.
  • New York passed a law in 2008, which requires sex offenders disclose screen names and e-mail addresses during registration. This information is then forwarded to two dozen social networking sites which then block the offenders. Since its enactment it is credited with removing 24,000 sex offenders from Internet social networking sites nationwide.
  • North Carolina, in 2008 prohibited all sex offenders from social networking sites used by minors.
  • Illinois in 2009 enacted a prohibition against registered sex offenders using a social-networking service defined as an “Internet website containing profile web pages…that include the names or nicknames of such members, photographs…or any other personal or personally identifying information.”

Louisiana’s approach on it face, seems much more “tailored” than the other states mentioned.  New York, at least by the numbers noted, is being successful in removing sex offenders from social networking sites.  The questions though are these sex offenders staying off and are there less sex crimes being committed in New York with a social networking aspect as a result. I would like to know.

I get what these legislatures are trying to do. They want to make the Internet safe for kids. That is a very noble objective. I have no issue with supervised high risk sex offenders being prohibited from certain areas of the Internet.  I have also no issue with registered sex offenders, particularly those under supervision, being required to disclose their e-mail and Internet identifiers to law enforcement and their supervision officers. However, Massachusetts the wholesale expansion of these disclosures to the general public seems a bit problematic. 

If Massachusetts passes their law and provides for public disclosure, it will only impact sex offenders in their state. There is no way a Massachusetts resident could check a questionable e-mail on any of the other states sex offender registrations. Many states simply haven’t mandated disclosing Internet identifiers.  As of July 27, 2011, only 14 states, nine tribes and one territory have substantially implemented Title I of the Adam Walsh Child Protection and Safety Act of 2006 (SORNA).  Ironically, only Louisiana of the states noted above has substantially implemented SORNA. So even if Massachusetts does provide for public disclosure of sex offender’s Internet identifiers, there are countless registered sex offenders whose Internet information are not even in the database.

By the way, Massachusetts is bordered by states Connecticut, New Hampshire, New York, Rhode Island and Vermont, none of which have substantially implemented SORNA. New York prohibits sex offenders on social networking sites but their disclosure of Internet identifiers is limited to social networking sites.  SORNA regulations explicitly prohibit public disclosure via the public registry websites (other “avenues” of public disclosure are however not prohibited).  In short, even if a state collects Internet identifiers, that does not translate into easy public access.

So Massachusetts I am having a bit of trouble understanding what public disclosure will do for you. Sure your parents would be able to check an e-mail against the registry to make sure it isn’t a local sex offender communicating with their son or daughter. But what about that sex offender in a border state or the non-complaint sex offender in your own state? If you enact your law it will be like giving your residents a Massachusetts telephone directory to look up a pizza delivery telephone number in California (hold the anchovies please). If I were in Massachusetts would I feel safer for my kids if this law gets passed? More to the point, would they be safer? Very doubtful. 

Oh Missouri don’t think I missed you in this legislative outing. Missouri is now restricting teachers from having contact with their students via social networking sites. One justification sited for this a Associated Press investigation that revealed sexual misconduct through social networking avenues were six times more prevalent than those from the priesthood scandals. Missouri is 11th worst state in the nation for teacher sexual misconduct with students. The law means teachers can’t communicate freely with their students online. Luckily, they didn’t prohibit teachers in the classroom too. Hopefully, the final regulations that result from this will be less than wholesale censorship, particularly with individuals who haven’t been charged with any law violations.

Don’t get me wrong. I know there are risks associated with being online and we need to protect our citizens. Again, I have no issue with requiring sex offenders report all their Internet identifiers, which can be used by law enforcement and corrections. I also have no problem with limiting and monitoring offender’s Internet activities while under supervision. I would also like to see more Internet safety and ethics being taught in our schools. Probably the best way to make your kids safe is to be involved and know what they are doing both in the real world and in cyberspace. I also like it when a state like Louisiana, provides an exception to one of their new laws dealing with these restrictions. This allows us in the “real world” to tailor are risk management efforts.

I have never been fond of a one size fits all approach. Tailor the law to the need. Don’t make it too big or too small. Our laws need to be based upon some rational basis beyond a good “sound bite” on the television news. I know I am asking a lot and I am going to ask for more. Before a legislature passes one of these feel goods laws consider how it is going to be enforced and provide training and resources to get it enforced right. For now one last request. Where is that cigar I put down?

Legal Updates, Supervision

Sex Offenders: 1 Supervision Officers: 0

August 4th, 2011

Recently a parole officer contacted me for guidance on a sex offender he is supervising. The sex offender was prohibited from being on any social networking site (SNS) and he suspected he was accessing at least one. He had seized the computer and was asking for advice.  At that point I asked the officer if he had checked any SNS to see if the offender was online.

You guessed it. It appears the sex offender is not the only one prohibited from accessing a SNS. The supervision officer was prohibited by his agency’s policy and system from accessing any SNS from his work computer. In fact, his agency’s computer usage policy was so restrictive he couldn’t even download a copy of Field Search, a program initially developed by National Law Enforcement and Corrections Technology Center (NLECTC) to assist probation and parole officers in sex offender management.

Unfortunately I can’t say this a new problem. I have heard it expressed countless times by other officers from other agencies all over the country. We can’t access SNS or other Internet areas because our system/policy prohibits it. There is a fear that officers will start updating their SNS or worse visiting pornography and not do their work. I understand the concern that employees may waste time online. After all monitoring software companies stress the amount of hours wasted by employees surfing the net on the clock.

The problem is supervision officers need to know what offenders are doing online. It is part of the job in the 21st Century.  Sex offenders are online and on SNS. Gang members are also using SNS to communicate with one another. This blog has noted how offenders are using Twitter to discuss their officers and supervision. Can anyone imagine an agency prohibiting its officers from going in the field because of fear they might goof-off or do something in appropriate?

It is funny in some respects if we consider that some correction agencies are looking to expand inmate access to e-mail and possibly the Internet. But when it comes to the parole officer getting access…nope we can’t trust you to do your job if you have online access. So we can trust inmates but not officers? Wow what a thought!

The second reasoning for limiting access is an IT based argument. Specifically, we can’t allow officers to go anywhere they want because they are liable to download a virus or worm. They also don’t want employees making changes to the system by installing software. That is probably why the officer I noted above couldn’t download Field Search. I get there are problems with downloading or going to locations without proper precautions. There is stuff out there will install itself even if you don’t click on something and then your machine is infected.

But lets take this argument into the brick and mortar world a bit. Would we prohibit officers from driving agency vehicles into some of the high crime areas out there to do their supervision activities? I mean the agency car might get stolen or damaged. And we can’t have officers speeding in those cars because they might get in an accident, so lets put controls so they can’t go faster than 45 mph without approval. In some correctional agencies those kinds of controls and prohibitions are being put on computers and the Internet. They are more concerned about protecting the agency property than performing the agency mission, which is protecting the community.

Our jobs are inherently risky. Officers take a chance every time they put on a gun and a vest and go out in the field to supervise offenders. That is our job. We don’t ignore risk but we don’t run from it. The same approach must go for computers and the Internet. Allow officers to do their jobs when it involves the Internet or computers. Protect the system but don’t lock it down so tight that it is useless. By all means keep anti-virus and firewalls working and make sure updates are made when needed. But make appropriate exceptions for officers to do their jobs. If needed isolate those machines from the rest of the agency system so they can be used to perform online supervision activities.

Officers and mangers also need educated about what the risks are and what to avoid. Officers and managements need to talk with IT staff about what is needed. Risk must be managed so that officers can still do their job. “No way” has got to be replaced with how can we minimize the computer/system risk and protect the community. After all can we really put more value on a desk top computer or even a whole network (both of which can be restored or replaced) over community protection? Do we really want to protect one lap top with WiFi Internet access over the life of one child abducted and killed by a supervised sex offender they met online? Lets put the public over the computers we use. Otherwise the offenders will win. By the way, that sex offender I mentioned is online, while his officer’s agency hasn’t even started the game. Gee I hope those agencies aren’t blocking officers access to the Three C’s! Time for a cigar on that thought.

Internet Safety, Supervision

What you wrote a book?

July 31st, 2011

You know I posted about finishing a manuscript and submitting it to a publisher.  What does it cover? Cyber-supervision is a broad topic. Well, it discusses the following topics: intro to cyber-crime and corrections;  legal issues on technology conditions being imposed; legal implications for compliance enforcement; assessing cyber-risk; search/seizure; monitoring software use; online investigations and more.  All of these topics are specific to community supervision officers (probation, parole, pretrial officers).  I am sure a few judges, parole adminstrators, prosecutors, and maybe a few attorneys will find it interesting.  I will keep you updated on the process and of course when it hits the shevles.

Uncategorized

Update Status

July 31st, 2011

I just finished my manuscript and submitted it to my publisher on a book focusing on cyber-supervision. It was a long process but I am glad it is done. The publisher has it…will review for typos (thank goodness)…. get it back to me for indexing… and with luck it will be out in six months. Bottom line is I will be posting this week and be back in the saddle…cigar and all. By the way if you have a cybercrime topic you want me to consider or address, post a message to this blog entry.  Thank you for your patience.

Uncategorized

Where is that cigar smoking fool at?

June 30th, 2011

I have not forgotten the blog. I am about two and half chapters away from finishing a cybercrime book specifically for probation and parole officers.  I have a deadline and will be  pick this blog back up in earnest very shortly. I have some ideas for some topics but before I put them out there, lets hear what you have in mind. For now back to work…and a cigar!

Uncategorized

The Perfect Storm: Cyberspace Criminality

May 21st, 2011

Recently Match.com made headlines in a bad way. It became the subject of a lawsuit for not properly screening sex offenders from its dating service. You guessed it. One sex offender hooked up online with a female and met and raped her in the real world. Match.com has promised to ratchet up its screening protocols. This past week Connecticut moved legislation forward that would require Internet dating sites which charge fees to provide customers safety tips and advice  to make both online and offline dating safer. If enacted Connecticut will join New York and New Jersey who have passed similar legislation.

Within the last week Craigslist has again made the news as a virtual hunting grounds for offenders. Fours suspects (two reportedly gang members) posed as sellers on Craigslist and robbed an 18-year old and his girlfriend and killed the man when he attempted to follow them.  We also have an apparent serial killer dubbed the “Craigslist Ripper“, using the service to find victims and dumping the bodies in a secluded section of Long Island beach over the past several months. The blog has discussed previously the issues regarding sex offenders on social networking sites, notablly Facebook. However, make no mistake not all the victimization occurring online is due to sex offenders. An article in the Wall Street Journal  provided information on a 45 year old senior manager who was scammed out of $5,000 by a “female” he meet on eHarmony.

Why are these acts occurring online in apparent increasing frequency? Well part of it may be the media just highlighting these serious online crimes, which makes it seem like there is more of them. However, the truth is more and more of the public is turning to the Internet for social interaction. The more interaction online the more victims come into contact with motivated offenders. This is exactly what I believe Lawrence Cohen and Marcus Felson were suggesting with their Routine Activities Theory. Specifically, a crime occurs when the following three factors converge in time and space: 1) A motivated offender; 2) A suitable target; and 3) The absence of a capable guardian. I think the argument can be made that there really is an “absence of a capable guardian” online, so in a real sense we are seeing a perfect storm of criminality in cyberspace.

We also can’t ignore that the computer and the Internet are excellent tools for criminal behavior. The Internet provides offenders with a sense of anonymity. They can communicate with whomever they want with little fear that someone will discover or identify them. Additionally, they can tailor their appearance to whatever is needed to get at their victim. They can be rich, educated, someone from the opposite sex, single, more attractive, less overweight, or similar in age to the victim, etc. These dating sites also are in many respects a sexual predators ‘ preference catalog. Most group individuals by age, weight, hair and eye color, height, location, etc. I have even seen some sites provide shoe sizes. What more would a crazed sexual predator want?

Additionally, they can literally groom multiple victims not only over an extended period of time but simultaneously. Such activity would prove harder and riskier to accomplish in the real world. Finally, particularly, with the scams and frauds, offenders oftentimes are not even in the same jurisdiction or country of the victim. This makes investigation and prosecution that much harder and dare I say the offenders know it.

So what can be done about this? Well for starters we need more Internet safety presentations, starting at a young age and going all the way up to the nursing homes. These presentations have to stress that just because someone types it on a screen or shows you a picture doesn’t really make is so. Additionally, such presentations should stress the appropriate personal details to share and under what circumstances.

The private sector in cyberspace has also got to step up to plate. In the real world no business would last long that did not provide proper lighting in the customer parking lots, routine mall security, etc. The private sector, particularly those involved in social/dating sites, have got to come up with techniques for providing those same rudimentary security measures that we all expect in the real world. If they refuse to do so their sites may become as popular as a store with no night lighting located in a high crime area.

Finally, law enforcement has got to be more involved in the online community and not just retroactively but proactively. This is going to be hard with the current budgetary climate. But if it doesn’t happen the Old West will seem like a very mild metaphor for describing the lawlessness of 21st Century cyberspace. 

For community corrections officers we must be aware what our offenders are doing online, particularly if their crimes were predatory in nature. I can see no earthly reason why a supervised sex offender should be given free rein to frequent whatever social networking he or she chooses. Even the sites which only allow adults can be a problem for sex offenders who victimize children. Most ask if the person has children. How hard would it be for a pedophile to locate a single lonely mother with minor children to victimize? Offenders who are con artists also pose a risk in this environment where victims are so trusting. Ask questions about what your offenders are doing online before you get that call from the police department about them.

 Many of these issues I am sure are going to be discussed at HTCIA’s 2011 Annual Training Conference and Expo. The HTCIA is celebrating 25 years as a participant and leader in the High Technology world this year. Tell Wojo, Jimmie, Duncan, and Tom I sent you. Now where is that cigar I had? Be safe out there.

Internet Safety, Supervision

Hackers, Crackers, Tramps and Thieves

May 9th, 2011

Recently, we have saw  a “hacker group,”, loosely known as Anonymous wage a denial of service attack (DDoS) against various companies that withdrew services to WikiLeaks. This was done in a supposed noble defense of WikiLeaks. Now it appears the same group has taken credit for attacks against Sony. Why attack Sony? Because Anonymous believes individuals should be able to modify PlaySation3 consoles and Sony’s says they no they shouldn’t be and are fighting the copyright infringement with legal action. It is sort of like I disagree with you and we end up in court and you then throw a rock through my window (funny…. I didn’t mean to bring Microsoft into the mix…LOL).  Well apparently, more then a rock got thrown through Sony’s “window.” It now appears that 2.2 million credits cards with CVV were stolen as well. Anonymous is now only claiming they broke the window, not that they stole anything. Who exactly are “hackers”?

Initially the term came to refer to individuals who pushed technology to its limits. Hacking was making technology (hardware/software) do more, more efficiently, etc. However, somewhere along the mix it began to be used as a term to describe individuals exploiting technology for illegal purposes. Latter the term crackers came to refer to hackers who did bad things, such as breaking into systems, causing damage, stealing data, etc. We also had the “color” system if you will, in part no doubt due to the old adage in Western movies, good and bad guys wear different colored hats. Yep you guessed it you have White Hat hackers (good guys) and Black Hat Hackers (bad guys). Of course, you also then have the Grey Hat Hackers (good or bad, depending upon what they are doing). As an old John Wayne fan I never really paid much attention to what hat he was wearing but that is beside the point.

In my opinion, hackers have come to enjoy a unique position in our society. For instance, there is no such thing as a “white hat” embezzler, drug dealer,  or bank robber. The closest think I can think of is maybe Robin Hood, where he was a criminal but his ends justified his means (steal from the rich and give to the poor). I suppose there was some romanticizing about train/bank robberies, Jessie James or even Bonnie and Clyde. But in the end we still consider them criminals when all is said and done. We just don’t have other offender groups being described by their head apparel. I also am amazed being a hacker is viewed by some as the best pathway to becoming an IT security expert. It is sort of like someone being a burglar or robber as a path to a career as security professional. I guess these folks think honest hard work and education just doesn’t look as good as I was a criminal on a resume.

So what does this have to do with corrections? Well, many of these folks do get caught. They go before a judge and someone has to look at what was done and make a call. Answering it was illegal is easy. What do you do with them? Some would argue they are Robin Hoods, making information free for the world. Some believe they are just really smart and the corporations are the real corrupt ones. (See The Conscience of a Hacker)

Here is the problem I have. My Robin Hood didn’t burn Sherwood Forrest to help the poor. He also did not use the poor as pawns in his fight with the rich. Take a look at the Sony case. They have a right to protect their intellectually property. They were pursing the matter in court, following the law. A group of offenders breaks into Sony, allegedly to embarrass them. However, someone during the break-in, (more then likely the same folks that broke in) stole 2.2 million credits cards with CVV. There are reports that those card number are being sold. Sony looks bad for the security breach. But was it really necessary to harm Sony’s customers in the fight to make right? So, are hackers misguided “Robin Hoods”, out to defend us against the big bad corporations out there? Or are they what we normally call, common criminals?

On the other hand some of these “criminals” are what we call in the business, “success” stories. “rtm”who released the first Internet worm, later went on to get a doctorate and is a respected expert in the field. The “Condor” is an author and runs a successful information security consulting firm (not withstanding my comment about criminals becoming future security experts). The “Dark Dante” is a senior editor for a major publication as well as an accomplished author.  

The bottomline to this discussion, is corrections must do what we always do. Condemn the acts but not the individuals. Hackers, whatever the reasons, are offenders, not modern Robin Hoods. They can be rehabilitated. They are however not modern day technological heroes. Making them sound like a quarter pounder with cheese does not change the fact they have no meat between the buns. Take care and be safe. Time for a cigar!

Uncategorized

Whats Up Doc?

May 2nd, 2011

Well, I haven’t forgotten. I am finishing up teaching a cybercrime course and of course there is the book. I have some ideas in the hopper which should be about to pop. I am thinking about a hacker piece and of course there are some new updates on sex offenders and computers (joy right?). Anyway, hope to have something ready by weeks end. Thansk for your patience!

Uncategorized