Impact Magazine June 2011 - Office of Inspector General - U.S. ...
Impact Magazine June 2011 - Office of Inspector General - U.S. ...
Impact Magazine June 2011 - Office of Inspector General - U.S. ...
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
IMPACT <strong>Magazine</strong> • <strong>June</strong> <strong>2011</strong><br />
Spotlight on CCU: “First In, Last Out”<br />
OIG OPERATIONS<br />
That is the moto <strong>of</strong> the OIG's Computer Crimes Unit<br />
(CCU), a specialized unit responsible for (1) identfying, collect-<br />
ing, and analyzing digital evidence in support <strong>of</strong> criminal, civil,<br />
and administratve investgatons throughout the naton; and (2)<br />
investgatng allegatons and issues related to cybercrimes.<br />
Today, individuals and businesses live and work on<br />
computers. Yesterday’s paper trails have become today’s electronic<br />
trails. OIG has long recognized the importance <strong>of</strong> digital<br />
evidence. Startng in the 1990s, OIG used select special agents<br />
trained as Seized Computer Evidence Recovery Specialists<br />
(SCERS) to perform forensic analyses <strong>of</strong> computer media as a<br />
collateral duty. In order to meet the demands <strong>of</strong> ever-increasing<br />
digital evidence, OIG created CCU in 2007. It now consists <strong>of</strong><br />
four full-tme Computer Crimes Agents and two full-tme Computer<br />
Crimes Technicians, all with advanced computer training<br />
and experience to more fully exploit digital evidence.<br />
CCU supports case agents and investgators across<br />
the naton by processing and imaging computer media. As<br />
Assistant Special Agent in Charge Bill Swallow says, "When out<br />
on search warrants, we like to be the frst ones in the door, and<br />
we are almost always the last ones to leave." This is <strong>of</strong>en due<br />
to the fact that processing and imaging <strong>of</strong> computer media at<br />
a search site can take a long tme. It is common for CCU to fnd<br />
William Swallow, Assistant Special Agent in Charge, OIG Computer Crimes<br />
a dozen or more computers during a search with more than<br />
Unit, conducts a forensic examination <strong>of</strong> departmental computers<br />
a terabyte (equal to 1024 gigabytes) worth <strong>of</strong> data. Since its<br />
incepton, CCU has seen a signifcant increase in the amount <strong>of</strong><br />
digital evidence associated with OIG cases natonwide. In fscal year 2009, CCU processed approximately 170 pieces <strong>of</strong> digital evidence.<br />
Currently, CCU has seized and is examining approximately 300 pieces <strong>of</strong> digital evidence amountng to almost 32 terabytes.<br />
CCU's second mission, cyber investgatons, takes computer crimes agents into the dark underbelly <strong>of</strong> the Internet. This is<br />
a relatvely new area for OIG, driven by the dramatc increase in cyber intrusions at DOT. OIG also plays a role in DOT's overall cyber<br />
security efort in its programmatc oversight. OIG has a role in ensuring efciency by conductng IT audits to determine if the Department<br />
is following DOT and Government policy and ensuring the integrity <strong>of</strong> the Department's programs by conductng computer intrusion investgatons.<br />
CCU works closely with DOT's Ofce <strong>of</strong> Chief Informaton Ofcer, Cyber Security Management Center, U.S. CERT, and the FBI<br />
to identfy and thwart cyber criminals. CCU's investgatons and operatons <strong>of</strong>en identfy previously unknown computer system compromises<br />
that improve DOT's overall ability to mitgate this threat.<br />
13