REVIEW: "High Technology Crime Investigator's Handbook", Gerald L. Kovacich/William C. Boni
- BKHTCRIH.RVW 20021012
"High Technology Crime Investigator's Handbook", Gerald L.
Kovacich/William C. Boni, 2000, 0-75067806-X, U$34.95
%A Gerald L. Kovacich shockwavewriters.com
%A William C. Boni
%C 2000 Corporate Blvd. NW, Boca Raton, FL 33431
%I Butterworth-Heinemann/CRC Press/Digital Press
%O U$34.95 800-272-7737 http://www.bh.com/bh/ dp-catalog@...
%P 298 p.
%T "High Technology Crime Investigator's Handbook: Working in the
Global Information Environment"

The preface makes the somewhat contradictory statement that the book
is "not a `how to investigate high-technology crime' book but provides
basic information for someone ... new to the profession." This odd
assertion may be partially explained by the fact that the text is very
heavy on career and organizational matters, and extremely light on
functions and technology. It would appear that any technical issues
are seen as "how to," while corporate politics are basic information.

Part one provides an introduction to the high technology crime
environment, in broad overview. Chapter one is a pedestrian
presentation of high technology. The text is very disjointed (a
discussion of government departments using high-tech crime as a
justification to fight for increased budgets is immediately followed
by a minor example of online harassment), and, despite the promotion
of the importance of technical information and tools for crime
investigation, the technical material is weak, simplistic, and oddly
handled. For example, a subjective and imprecise measure of data
volume (a book) is used to calculate ridiculously "accurate" (in terms
of significant figures) store sizes for a variety of obsolete systems.
There is a superficial and pessimistic look, in chapter two, at the
"Global Information Infrastructure." Again, the technical content is
insubstantial: mention of lists of top level domains makes reference
to using a search engine to find them, but the instructions consist of
"well, you're an investigator, investigate." This seems to sum up the
attitude to providing necessary information. High-technology
miscreants, in chapter three, are reasonably well described, with only
minor errors. There is an internal contradiction when the text lumps
phone phreaks in with hackers, and then treats them as distinct, and
the book retails the Cap'n Crunch myth, whereas Draper himself points
out that he was taught about the 2600 hertz whistle. There is a
slight overemphasis on the importance of "professional hackers."
Chapter four's coverage of attack technology is jumpy and fragmented.
An "ISP attack" makes little sense, while spoofing is narrowly defined
to include only one specific type of session hijacking. Three pages
of diagrams of PBX (Private Branch eXchange) attacks explain nothing.
Protection technology, in chapter five, is defined as access control,
accountability, and audit trails, followed by a random grab bag of

Part two is an overview of the high technology crime investigation
profession or unit. This material is basically recycled from "The
Information Systems Security Officer's Guide," by one Gerald L.
Kovacich. There are a large number of very short chapters. Chapter
six is a generic promotion for career planning, with added, but oddly
irrelevant, details. Marketing yourself, in terms of preparation of
resumes and for interviews, is in chapter seven. Chapter eight
describes the perfect, and therefore fictional, company to work for.
This is followed by the perfect job description in nine, the perfect
investigative unit in ten (with some brief staff job descriptions in
eleven), and the perfect mandate (plus an excessively detailed example
of a PBX survey) in chapter twelve. Chapter thirteen suggests that
you develop contacts, but, somewhat in opposition to the career
building emphasis earlier, this concentrates on "sources" or
informers. The development of metrics, in chapter fourteen, seems to
be primarily concerned with the creation of bar charts to show
management that you've been working. The "Final Thoughts," in chapter
fifteen, are mostly vague opinions.

Part three is entitled high technology crimes and investigations.
Chapter sixteen has various stories, with almost no detail, about
crimes and computers, few of which are relevant to corporate
investigations. There is some useful advice, in chapter seventeen, on
the initial seizure and chain of custody of computer equipment, but
the discussion is limited to data recovery.

Part four is supposed to be about challenges to high technology crime
investigation, but chapter eighteen, the only section, simply contains
more vague thoughts.

For someone trying to build a career via political maneuvering, this
book can provide some useful tips. For someone trying to investigate
a crime involving computers, it might be a bit frustrating.

copyright Robert M. Slade, 2002 BKHTCRIH.RVW 20021012