3 Cases Where Evidence Was Strictly Digital

With a substantial part of the world connected via the internet, it stands to reason that digital pathways will be used not only for people to conduct business and connect with friends, but for outlaws to sneak around and cause trouble.

From the first malware released by a graduate student in 1988 to the recent phone and email hacking by The News of The World reporters against, first, a deceased child and eventually the Royal family, criminals have discovered ways to access information and money as well as shut down and destroy entire networks. What’s more? The losses usually exceed any sum of money stolen during any bank heist that has ever occurred.


A trigger finger can do more damage when tapping a keyboard.

A surreptitious injection of ingenious foreign code is usually the key to making other people’s computers do illegal work. Such code can invade an unsuspecting host computer in many ways. For example, a document, a video or a photograph may be sent in digital form through the internet as an email attachment or a web program. These items are sent  in the form of “packets” of 1s and 0s, arranged in many short string sequences, capped by headers and footers. The headers are address labels and tell a network where to pass the code string along; the footer indicates that the message is complete. The code in the middle is the active ingredient: instructions to display text, a picture, or run a program.  When all of the related strings are re-assembled at their destination, the parasitic packets related to the malware will automatically re-form. Instructions are provided to the computer and two things happen: 1) something intelligible and expected appears on a screen as a ruse, and 2) an invisible code is released to do dirty work.


The proverbial monkey in the machine.

When the host computer reads the secret instruction, it will trigger an independent action to do one or more of many unwanted operations: release a virus to shut down all or part of a computer’s systems, send software bots through the computer’s database to collect and return passwords, bank information and other private data, or even open a back door into a network so the hackers can connect to explore by themselves.

It is like sending a tiny monkey with a key through the keyhole, and waiting for that trained monkey to unlock the door from the inside. It may even go through your house, wreck your belongings and and steal your valuables.


The Morris Worm: the first internet Godzilla.

23-year-old Robert Morris, son of a National Security Agency computer security expert and a student at Cornell University, was simply playing around on the newborn web when he wrote 99 lines of code and sent it off to see what would happen. He was surprised at how fast it infected computers, replicated itself and crashed other systems. Invisible tasks were overloading machines around the world within hours, and before it was discovered and defeated, it had infected 10% of the machines on the internet (about 6,100 at that time). His reward? A federal judge sentenced him to 400 hours of community service and a $10,000 fine.


The ShadowCrew is after you.

Between 2005 and 2007, Albert Gonzalez and his accomplices wrote a program using SQL injection (essentially a hidden code that is executed on a target computer once it infiltrates a network) to create back doors controlled by his crew. He then sent packet-sniffing programs to find computer data which revealed banking and security information to his cohorts. They were able to capture and sell more than 170 million credit card and ATM numbers. They made millions. On March 25, 2010, Albert was sentenced to 20 years in a federal prison.


An attack on the US Military – from Scotland.

Gary McKinnon was a systems administrator for a company in Scotland, and curious about conspiracies he thought were perpetrated and hidden by the US Military. He found his way into networks operated by the US Army, looking for evidence of the suppression of free energy, cover-ups of alien UFO activity, evidence of anti-gravity machines and other technologies. In rooting around, he deleted critical operating files, shut down the US Army’s District of Washington network for 24 hours, copied data and passwords to his own computer, and generally wreaked havoc.

He also left threats on target computers, including a message that taunted security forces which stated US foreign policy is akin to government-sponsored terrorism these days… It was not a mistake that there was a huge security stand down on September 11 last year… I am SOLO. I will continue to disrupt at the highest levels…”

He was tracked down and arrested, thereafter beginning a series of police interviews and extradition hearings with the US attempting to bring him to America for trial, and the UK authorities resisting. It was a fight that went on for eight more years, ultimately resulting in a Pink Floyd song about his plight and a decision to incarcerate him in England rather than the US or even Guantanamo.


Sophistication begets sophistication.

In the past, hackers left ‘footprints’, ‘breadcrumbs’ and other digital evidence that made it easy to backtrack, trace and catch them.  Today, programmers on both sides are waging a constant battle to both hide and seek in networks all around the world. Sometimes the criminals succeed, sometimes they are thwarted. Still, as long as there are cops and robbers, the show will go on.


Your Turn: Do you know of any other high-profile cases involving the bypassing of cyber security? Do you work in the field — and are you keen to share some stories or pointers? We’d love to hear from you. Leave your comments here.



One Comment

  • Lynne Blanchard says:

    You should take a look at the Brad Cooper case – another one where the only evidence was digital. It is a fascinating case that came down to a Google map search but there is strong evidence it was planted on Cooper’s computer. There is a book about it – “Framed by Google Maps” by Lynne Blanchard.

Leave a Reply